Microsoft E3 vs. E5 License Comparison

September 15, 2020 | By IANS Faculty

The information, pricing and product details included in this post are accurate as of September 2020.

A critical decision point to consider when deciding between Microsoft E3 vs. E5, separate from cost is team commitment. With a team committed to fully using E5, the cost savings could exceed the annual cost. Without such commitment, the upgrade may not be successful.

This piece explains the differences between the two license tiers and the main factors to consider before choosing to stay with Microsoft E3 or upgrade to Microsoft E5.

Microsoft E3 vs. E5 Features Comparison

In the years since Microsoft launched Office 365, now re-branded to Microsoft 365, the service offerings have changed, features have moved between tiers and capabilities of different features have changed. However, for the last several years, businesses faced one fundamental question: Is the E5 license worth the extra cost?

Figure 1: E5 Features Not Found in E3

chart showing microsoft e5 features not found in e3

Complicating Factor – Licensing Models

Microsoft offers a lot of services, and several of those bundled in E5 can be added as a la carte options to an existing E3 license. For example, all the compliance features listed in Figure 1 can be added to E3 without a full upgrade for $10 per user per month under the E5 Compliance Plan. Similarly, all the security features listed can be added to E3 for $12 per user per month under the hard-to-find E5 Security Plan. The communications features were once available separately, but that program appears to have sunset.

The $22 per user per month for both compliance and security is less than the extra $25 per user per month. However, the difference is slight – less than a single full-time employee (FTE) for a company with 1,000 employees – and there is a significant advantage in using all of the features that have been designed to work together. Using only compliance would require building your own integrations with your other security toolset, as would using only security. By using both, you gain the integration capability automatically.

Succeeding and Failing with E5

E5 brings along a lot of features, and businesses should consider the following potential commitment and knowledge issues that might hinder success. Examples may include:

Communications features require expertise. Properly using the communication features to replace or augment an existing phone system with videoconferencing requires a skilled team, not only to set it up, but also to manage it. Most organizations find Microsoft Teams to be more than sufficient to augment a legacy phone system. Given the high number of remote workers at present, the value of such legacy phone systems is proving to be lower than many thought.

Identity tools are complex. From a security perspective, the capabilities included in Microsoft Defender for Identity, Azure Active Directory Premium Plan 2 and Privileged Access Management are extremely powerful and, when used correctly, can justify the entire cost of upgrading to E5. However, identity is complex and can be challenging for teams to successfully implement.

Other Considerations for E3 vs. E5

Other features, such as the anti-malware replacement – Defender for Endpoint – can justify the cost alone if the current anti-malware system is lightly configured and costs anywhere near $25 per user per month. However, it might not compare favorably to a well-tuned anti-malware solution that ties into enterprise-level monitoring through an endpoint detection and response (EDR) approach.

Similarly features like Microsoft 365 Defender, Defender for Office 365 and Cloud App Security could be replaced with other products at a lower cost than upgrading from E3 to E5. A team will succeed or fail equally with any product selection in this space – cost is a greater factor than anything else.

Finally, the remaining compliance features – Customer Lockbox and Service Encryption with Customer Key – provide a level of independence from Microsoft through encryption. If you need this capability, then there may be no choice but to invest in local encryption competence and upgrade to E5.

Deciding Between E3 and E5

There are many ways to run the analysis of cost-comparing licenses and features to those of equivalent or other desired products. The difference between E3 and E5 is about features but consider your commitment to a fully cloud-based work environment.

If you have not taken full advantage of E3 and don’t have a team committed to understanding it, following changes to functionality and pushing the licenses to their limit, making the case for upgrade to E5 becomes more difficult.

In contrast, if you have a dedicated and enthusiastic team willing to dive deep into E5 and use the functionality to its greatest extent, eliminating other vendors and fully embracing E5 could be a cost-saving strategy.

  • When making the decision between E3 and E5, organizations should understand
  • There is no one right answer: All companies are different.
  • Consider metrics and factors beyond cost. Look at team interest and capability. Try to avoid investing in a product that will not be used.

The importance of matching expectations to maturity: Be weary of buying licenses and expecting everything to suddenly get better. It may take years to learn how to fully use each feature in your environment.

If you are fully committed to running the business using cloud services, supporting a fully remote work force and fundamentally re-thinking the so-called “best practices” of the last 30 years, then E5 can be a sensible investment.

Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in connection with such information, opinions, or advice.


Find additional resources from our security practitioners.


Learn how IANS can help you and your security team.