Microsoft last week announced that subscribers to Microsoft 365 Business (which is being renamed this month to “Microsoft 365 Business Premium”) will be getting Azure Active Directory Premium P1 licensing at no additional cost.
Current Microsoft 365 Business subscribers will get Azure AD Premium P1 licensing “in the coming months.” New Microsoft 365 Business subscribers (or Microsoft 365 Business Premium subscribers) will get the P1 licensing “in the next few weeks,” according to the announcement.
Sold separately, Azure AD Premium P1 licensing costs $6 per user per month, but Microsoft 365 Business subscribers will get it for free. The announcement wasn’t wholly clear that it was free, but a Microsoft spokesperson clarified the matter via a Tuesday e-mail as follows:
With this announcement we are making a full Azure Active Directory Premium P1 plan available to Microsoft 365 Business subscribers at no extra cost. Microsoft 365 Business (renamed to Microsoft 365 Business Premium starting April 21st) is the comprehensive productivity and security solution for businesses with less than 300 employees. It integrates your favorite Office apps and collaboration tools including Microsoft Teams with advanced security and device management capabilities.
As mentioned above, Microsoft 365 Business will be renamed as “Microsoft 365 Business Premium,” starting on April 21, and the price won’t change at that time. Other Office 365 products for small-to-medium businesses also will get renamed with the “Microsoft 365” brand on that April 21 date.
It’s just a coincidence, the spokesperson explained, that Azure AD Premium P1 licensing will get added to Microsoft 365 Business subscriptions around that same product name-change timeframe.
Microsoft licensing can be obscure. Previously, Microsoft 365 Business users were licensed to use just a few features that were part of an Azure AD Premium P1 licensing bundle. Namely, they had access to the “Conditional Access, self-service password reset, and Multi-Factor Authentication” features. In the next few weeks, though, Microsoft 365 Business users will have access to all of the P1 features.
There are quite a lot of features listed under the Azure AD Premium P1 license. Microsoft’s announcement highlighted just a few, namely:
- Cloud Discovery: For discovering cloud-based applications used by employees. This service will rank the risk factors associated with using these apps. Apparently, this product used to be called Cloud App Discovery, per a Microsoft FAQ.
- Azure AD Application Proxy: An Azure AD service for verifying access to an organization’s applications used by remote workers. Microsoft claims that Azure AD Application Proxy is “more secure than VPN and reverse proxy solutions and easier to implement.”
- Dynamic Group: An Azure AD capability that lets IT pros set group membership automatically for users or devices, based on rules. “Users and devices are added or removed if they meet the conditions for a group,” according to Microsoft’s Dynamic Group documentation.
- Passwordless Authentication: With a few options. Organizations can use Windows 10’s biometric authentication capability, called “Windows Hello,” which can verify access using a person’s face. There’s also the possibility to use hardware devices, such as key fobs, based on the Fast Identity Online 2 (FIDO2) security approach. Lastly, for mobile devices, the Microsoft Authenticator App can be used.
The spokesperson noted that “these capabilities are designed to help your employees maintain secure access to work apps, even if they’re working from home.”
FIDO2 and Azure AD support is still apparently at the preview stage. Back in February, Microsoft had suggested that Azure AD and FIDO2 key support would reach general availability in about four to six months