Security Requirements for Teams come at a cost

Since August 2019, all new Office 365 customers have been onboarded to Teams and do not have access to Skype for Business Online anymore. Many existing Office 365 customers are currently also being migrated to Microsoft’s new platform being Teams.
Microsoft Teams is the primary client for messaging, meetings and calling in Office 365. In this article we will do a high-level overview into the licensing model and focus very specifically on how the topic of Data Loss Prevention for Teams will have to be licensed.

Microsoft Teams Licensing
For larger clients / enterprises Microsoft Teams is available in Office 365 Enterprise E1, E3, E5, F1 and M365 F1, E3 and E5 bundles. In terms of Teams core functionalities, there are no differences between the different Office 365 subscriptions. Teams isn’t available as a standalone service or subscription license. There is no on-premise version of Teams and therefore no Client Access Licenses / Servers are available to be purchased.

Teams Clients:
All off the above-mentioned subscription plans are eligible for access to the Teams web client, Desktop Client and Mobile App.

Calling and Conferencing

To make and receive calls an add-on called “Phone System” and if Audio Conferencing with Dial-In capabilities is required the add-on called “Audio Conferencing” would have to be purchased.
Calling Plans are available to enable calls to non-IP numbers such as landlines / Mobile phones

Compliance Feature: – Data Loss Prevention
To receive the benefits of compliance capabilities such as Data Loss Prevention for Teams requires an additional subscription called Advanced Compliance Management which comes at a considerable premium which is why we would like to focus more in-depth on this topic.

DLP does not equal DLP
Teams is an enhanced consolidated platform for collaboration built on core features from Exchange, OneDrive, SharePoint and Skype for Business. DLP for the first three components are already included with Office365 E3 or higher editions. Whilst this partially includes some DLP coverage for Teams,  it doesn’t include providing detection of sensitive information shared within chat messages.

The premium cost clients will have to absorb in order to also get the full DLP for Teams (which basically additionally only covers the chat feature) seems quite disproportionate.

Without DLP for Teams your organization might be able to stop data leaking from devices or stop sensitive documents from being shared – however people could still within chats pass sensitive data. Using DLP in Teams addresses this topic and helps removing this risk from Office 365.

Commercial options for DLP for Teams
DLP for OneDrive and SharePoint are included in the “Office 365 Data Loss Prevention” SKU available as standalone or as part of O365 E3 and/or O365 E5 as mentioned above

DLP for Teams itself however is not included in the O365 DLP SKU but instead it is only available as part of the Advanced Compliance Management (ACM) SKU. ACM is also included in the Step-Up to O365 E5, the O365 E5 Full USL and the M365 E5 Compliance Suite. The standalone option (ACM SKU) is the cheapest if a client does not require further features that may justify buying higher-end bundles.

The cost of Advanced Compliance standalone adds over 30% on top of the Cost for a full O365 E3 license. For clients who only require Advanced Compliance to allow for DLP for Teams this is a hefty premium.

Office 365 Customers that wish to continue the journey with teams should and assess carefully which add-ons and specifically security features may be required. This does not only apply to Teams but for all services that are in use. Depending on the requirements add-on bundles may offer more attractive pricing than buying standalone offerings.

For more information or to discuss how Cloud Optics may be able to help you identifying your requirements please contact us on



Previous Post Microsoft Outsourcing Licensing Terms update
Next Post Cloud Optics acquired by Livingstone Technologies