• Home
  • Blog
  • Technical
  • Should I stick with Microsoft 365 Business or move up to Enterprise?

Should I stick with Microsoft 365 Business or move up to Enterprise?

Back to Blog
01Oct2018

Should I stick with Microsoft 365 Business or move up to Enterprise?

Microsoft 365 is best described as a “bundle of bundles”–these new SKU’s go beyond Office 365, and include advanced security products as well as device management and even your Windows licensing.  I have been writing a lot about the Microsoft 365 Business SKU, since it has such an attractive price point for the small business market, and can easily replace a legacy “Small Business Server” with equivalent features (and quite a few goodies that you would not have had in that old SBS server).

But, what about the Microsoft 365 “Enterprise” track? This article is to help you decide whether you will need the fancier feature sets that come with these up-level subscriptions.

Quickly, let us review what we mean by a “bundle of bundles”; Microsoft 365 subscriptions generally include the following software packages:

  • Office 365 Online services such as Exchange, SharePoint, Skype/Teams, etc.
  • Office 365 desktop software such as Word, Excel, PowerPoint, Access, etc.
  • Products from the Enterprise Mobility & Security suite, such as Intune for managing devices, etc.
  • Windows licensing

User count, and Office software

Now, with regard to the Business track, just know that you are limited first and foremost by the total number of users that this subscription can support. So if your organization is larger than 300 users, you should automatically be looking at the Enterprise track. So that’s easy.

Second, you should be aware that the Office software that is included with the “Business” flavor is indeed the same as Office 365 Business Premium (so the “Business” edition of Microsoft Office vs. the “Pro Plus” edition that you would find in Enterprise). However, you will get some cool upgrades like Azure Information Protection, DLP, Archiving and so forth, which help approximate the Microsoft 365 Business subscription more toward the Office 365 E3 level. The main differences that organizations will care about with regard to the features which are only available in Pro Plus are:

  • Group policy support
  • Shared computer activation & ability to run on Remote Desktop Services*
  • Some of the more advanced data tools such as spreadsheet compare, database compare and PowerPivot, PowerQuery, etc.

It is worth noting that MSP service providers may have other means, besides Group Policy, of controlling certain experiences in Office (such as disabling macros via registry). Additionally, you are able to license shared computers such as terminal servers with volume copies of office, and this is in fact required with RDS on Windows Server 2019, anyway. Last, it is NOT true that Microsoft Access is missing from the Business edition–it did not used to be included, but it is now, and has been for a while. If you see something that says otherwise, it is out of date. All this is to say, many small to mid-sized orgs may be okay even without the “Enterprise” track. But check out the differences carefully before you make your decision. (See references at the end of this article for more details).

Enterprise Mobility & Security: Cloud vs. Hybrid organizations

Now, in the Business flavor of Microsoft 365, it is important to note that some of the components of the Enterprise Mobility & Security SKU are actually missing/not included: Azure Active Directory and Advanced Threat Analytics (ATA) for example. Otherwise, it does include Azure Information Protection and Microsoft Intune.

Furthermore, since the Business edition does not include a full blown EMS SKU, you also do not have the benefit of Windows Server CAL’s, which are in fact one of the perks of the EMS product–it is one way that organizations can license their users for both cloud-based and premises-based software in one bundle. The reason that Microsoft did this, is because right now it is generally assumed (especially in larger sized enterprises), that we live in a “hybrid” world–that organizations are going to have premises-based or co-location based services installed and running on Windows Servers, as well as content and services in the cloud–whether that be Office 365 or elsewhere.

However, and this is important: the Business edition of Microsoft 365 generally assumes that smaller sized organizations will soon be removing all dependencies on their legacy on-premises Windows Servers of yore. For this reason, certain features of the EMS packages (like Windows Server CAL’s, ATA, etc.) which are intended for hybrid environments, are not necessary here. If you have a lot of hybrid / on-premises infrastructure that isn’t going anywhere anytime soon, then you might want to consider the Microsoft 365 Enterprise track, rather than Business.

However, just remember that hybrid is also indeed an officially supported scenario for Microsoft 365 Business, including Azure AD Connect with an on-premises AD.

Windows 10 Licensing

With regard to cloud-based Windows 10 licensing: Microsoft’s preference in the “Business” SKU is that you simply join your Windows 10 devices to Azure Active Directory, and not at all to a local Active Directory. When you do this, your Windows 10 Pro device will become “Windows 10 Business” (and actually you also qualify for an upgrade from Windows 7/8/8.1 Pro). Now it is important to realize that you are not obligated to do it that way. You can also still join your Windows 10 Pro device to a local on-premises domain, and then also register the device against Azure AD (hybrid join). But the writing on the wall is this: Windows Server for the small business is becoming a thing of the past–and this SKU is good enough to replace most “Small Business Servers” (assuming other line of business apps are no longer on premises, and now being consumed in the cloud).

This is contrasted with Windows 10 Enterprise, which can be licensed via the Microsoft 365 Enterprise E3 or E5 plan. Enterprise editions of Windows 10 should be hybrid-joined (or, they could be joined only to Azure AD–for instance sales folks who are always on the road and hardly ever tethered to the office–your choice how to manage them). Attaching the Windows 10 Enterprise device to Azure AD in either fashion will unlock features that are specific to your subscription level (E3 or E5), which will include fancier cloud-based items (such as Advanced Threat products, Windows Defender extras and so on), as well as premises-based features that integrate with traditional Windows Server environments (for example Branch Cache, etc.).

Summary Graphic

As always, I like to summarize the feature comparison with a graphic for ease of reference, which will be at the end of this article. To recap our main takeaways: qualify your customers for the right “bundle of bundles” like this:

  1. Does the customer have more than 300 users (or could they outgrow this number in the future?) –> Recommend Microsoft 365 Enterprise
  2. Are they heavily reliant on hybrid/premises-based Windows Server infrastructure –> Recommend Microsoft 365 Enterprise
  3. Are there feature sets that the customer really can’t live without in the Enterprise track such Pro Plus or Windows 10 Enterprise? –> Recommend Microsoft 365 Enterprise

If you can answer no to all of the above, then Microsoft 365 Business is probably your best bang for the buck. Now if you are on the borderline between considering the Business vs. the Enterprise SKU’s, you’re most likely comparing Business to E3, but you might move all the way to E5, for instance, if the customer wants to completely replace their communications platform, including phone system, with Skype/Teams. Only E5 will include those advanced voice capabilities. But otherwise, my guess is that most orgs will simply compare Microsoft 365 Business to E3.

For most small orgs, the “hybrid” aspect is clearly on its way out the door in the next couple of years, since many Line of Business software providers are also now offering SaaS products in the cloud (and if you are holding onto an old domain controller and file shares… consider updating your tech).

Image credit: ITProMentor.com; Pricing is listed here in USD (at the time of this writing).

Bonus references: Service Descriptions

These are excellent references that I use all the time in my job–check them out for more granular detail.

*UPDATE: One of the shocking announcements from Ignite 2018 is that Windows Server 2019 will not support subscription versions of Office software, even the Enterprise / Pro Plus versions. Previously, use of these products was supported on Windows Server 2016, but now in 2019, that support has been removed, and Microsoft will require you to run a volume copy anyway. So that makes the “gap” between Business and Pro Plus versions of Office 365 even less dramatic than previously.

UPDATE: Another announcement is that Windows 10 Enterprise licensing with Microsoft 365 E3 and E5 will now include access to Windows virtual desktop on Azure. From what I have read, it still requires virtual machine runtime to be purchased separately, but all virtualization rights and licensing is included with your subscription.

Technical , 6 Comments
Share:

Comments (6)

  • mjsk Reply

    Thank you, Alex, for this post. It is very helpful!

    October 2, 2018 at 3:05 pm
  • Rob Reply

    What if you have Office E3 (ProPLus) installed and you want to switch to Micrsoft 365 Business. Is that an easy switch at the desktop level, or are you looking at re-installing Office?

    October 10, 2018 at 11:01 am
    • Alex Reply

      Unfortunately it means uninstall/reinstall, since Office 365 Business track has the “Business” edition of the Office software, as opposed to Pro Plus.

      October 10, 2018 at 3:29 pm
  • rob Reply

    Thanks Alex. How about the OS itself. If you signup for Microsoft 365 Business, is it a in-place upgrade from Windows 7 Home or Windows 10 Home to Windows “Business” (Pro) ? — I haven’t seen this process documented

    October 10, 2018 at 4:55 pm
    • Alex Reply

      You have to come from a Pro version–can’t come from Home version. You’d have to buy an upgrade from Home to Pro, then apply the Business upgrade. Windows 7/8 pro qualifies for upgrade to Windows 10 pro without anything special.

      October 11, 2018 at 10:18 pm
  • Lewis Johnson Reply

    I think your table neatly summarizes all the pros and cons of using one or another.

    October 19, 2018 at 1:24 pm

Leave a Reply

Back to Blog

Related Posts

21Jan

Understanding file server migrations to Microsoft 365

In my opinion, there is only one viable migration path to move data from old file servers to Microsoft 365: it has to be a user-engaged migration. IT people always ask me about tools--stuff like the SharePoint migration tool or Microsoft's recent acquisition of mover.io,... read more
30Jun

Troubleshooting weird Azure AD Join issues

If you are starting to do more Azure AD Join (or disjoin/rejoin) operations, you may run into some issues at times where the computer reports an error. These can take several forms, but generally the message is, "Sorry dude, but you can't join/register this device." Here... read more
26Oct

Tutorial: How to Setup Azure Virtual Network with Windows Server Essentials and a Hardware VPN Appliance

Most tutorials on Azure Virtual Network and site-to-site VPN rely on Windows Server's RRAS role to create a quick and dirty VPN connection for demonstration purposes. But in a real world production environment, this is hardly ever the case; the better option by far for... read more
08Aug

Hyper-V Failover Cluster: MPIO & CSV Storage

Continuing our last post on Hyper-V Failover Clustering, we turn our focus from networking to storage. To bring storage into the picture, we will have to provision some volumes from Storage Spaces, our SAN or other Shared Storage device. This varies by vendor, so see their... read more
22Jun

How to securely deploy Remote Desktop Services (RDS) with the Gateway Role

Remote Desktop can be deployed in any number of different ways, and not all of them are created equally when it comes to security. In the Enterprise, we'd most likely see RDS deployed using a "DMZ" or "Demilitarized Zone," which is a special type of... read more
23May

Best Practices: Time synchronization with virtual Domain Controllers

In Hyper-V virtualization, a guest virtual machine has something called "Integration Services." By default, all of these services are pretty much enabled, including time synchronization. However, this can cause big issues if you have virtual Domain Controllers, and your physical host servers are not getting their time... read more
16Jul

How to bundle even more security into your Office 365 subscription

In a previous post, I covered some of the most common SKU's that are frequently purchased by small businesses, who are migrating to the Office 365 platform. In a nutshell, by FAR the most common of those are Office 365 Business Premium and Office 365... read more
31Aug

The next evolution of SBS

In a previous article, I compared two alternative deployments for a new kind of "Small Business Server" (being defined in this case as a network of 25 users or less). Microsoft used to have a widely adopted product for this market called Small Business Server, but... read more
30Aug

(Mis)Adventures with Conditional Access in Azure Active Directory Premium (P1)

I have been playing with Azure Active Directory Premium (P1) features a lot lately. And I love to try as hard as I can to break things. Turns out, it isn't that hard to do with Conditional Access. But, having brushed up against a few... read more
18Jul

A Reader’s input for your consideration: Blocking unsupported devices with Conditional access

Consider the following scenario (from a reader who wished to remain anonymous): Let's say you have implemented my recommended baseline policies for Conditional access, which require Windows & Mac computers to become managed/compliant with Intune, and iOS & Android devices to use approved client applications. In... read more

Helping IT Consultants Succeed in the Microsoft Cloud

Have a Question? Contact me today.

Contact Me