Wiki
Microsoft 365 & cyber, plain English, Australian context
Every Microsoft 365 licence, cyber framework, Microsoft product and industry acronym — written for Australian buyers and decision makers. No marketing, no hype, no vendor language. Just what each thing actually is, what it costs and when it matters.
Microsoft 365 licences
Every Microsoft 365 SKU explained for Australian buyers — what's bundled, what isn't, when each pays back.
- Microsoft 365 E3Microsoft 365 E3 is the standard enterprise SKU bundling Office apps, Windows Enterprise, Entra ID P1, Intune, basic Defender and Purview controls.
- Microsoft 365 E5Microsoft 365 E5 is the top enterprise bundle — adds Defender for Identity, Defender for Cloud Apps, full Purview, Entra ID P2 / Governance, Power BI Pro and Teams Phone.
- Microsoft 365 Business PremiumMicrosoft 365 Business Premium is the most popular SKU for sub-300-seat Australian businesses — Office, Intune, Entra ID P1 and Defender Business Premium in one bundle.
- Microsoft 365 Business StandardBusiness Standard is the apps-and-cloud SKU without the security stack — fine for non-regulated SMBs, dangerous for any business handling personal data.
- Microsoft 365 F3Microsoft 365 F3 is the licence for shift / frontline / shop-floor workers who don't need full Office apps — typically saves 70%+ versus E3.
- Microsoft 365 CopilotMicrosoft 365 Copilot is the AUD ~$45/user/month AI add-on that lives inside Word, Excel, PowerPoint, Outlook and Teams, grounded in your tenant's data.
Cyber & compliance frameworks
Australian cyber and compliance frameworks plain-English — and how the Microsoft 365 stack covers each control.
- Essential EightThe ACSC's Essential Eight is the Australian baseline of cyber mitigation strategies, scored on Maturity Levels 0–3.
- Privacy Act 2026The Privacy Act reform package introduces new individual rights, expanded definitions of personal information, a statutory tort, and a higher 'reasonable steps' bar for security.
- APRA CPS 234APRA's Prudential Standard CPS 234 sets information security obligations for Australian banks, insurers and superannuation funds — and now applies to many of their service providers.
- SOCI ActThe Security of Critical Infrastructure Act extends Australian Government cyber and resilience obligations to designated critical-infrastructure operators across 11 sectors.
Microsoft products
Microsoft product reference — what each component does, who needs it, and where it sits in the stack.
- Microsoft Entra IDMicrosoft Entra ID is the rebranded Azure AD — Microsoft's cloud identity and access management platform underpinning Microsoft 365, Azure and integrated SaaS.
- Microsoft IntuneMicrosoft Intune is the cloud-native endpoint management platform — devices, mobile apps, app protection policies and update rings, all controlled from Entra-aware policies.
- Microsoft PurviewMicrosoft Purview is Microsoft's umbrella for data governance, information protection, DLP, eDiscovery, insider risk, communication compliance and records management.
- Microsoft SentinelMicrosoft Sentinel is Microsoft's cloud-native SIEM and SOAR — billed per gigabyte ingested, deployed into your Azure subscription, integrated with Defender XDR and Logic Apps for response automation.
- Defender for EndpointMicrosoft Defender for Endpoint is Microsoft's enterprise EDR — endpoint detection and response across Windows, macOS, Linux, iOS and Android, integrated with Entra Conditional Access for compliance enforcement.
- Copilot StudioMicrosoft Copilot Studio is the low-code platform for building custom Copilot agents — integrated with Microsoft 365 Copilot, the Power Platform and Microsoft 365 data sources.
- Microsoft FabricMicrosoft Fabric is Microsoft's unified analytics platform — a single SaaS product that bundles Power BI, Synapse Analytics, Data Factory and Real-Time Intelligence on a shared OneLake storage layer.
Glossary
Microsoft and cyber acronyms decoded — short, accurate, no marketing.
- MFAMulti-Factor Authentication: requiring two or more verification factors at sign-in — something you know, something you have, something you are.
- PIMPrivileged Identity Management: just-in-time activation of admin roles in Microsoft Entra, with approval, MFA challenge and time-limited access.
- DLPData Loss Prevention: rules that detect and block sensitive content from leaving the tenant — across SharePoint, OneDrive, Teams, Exchange and endpoints.
- EDREndpoint Detection and Response: the next-generation replacement for traditional antivirus — continuous monitoring, behavioural detection, automated investigation and response.
- CAEContinuous Access Evaluation: real-time enforcement of access decisions — sessions are revalidated when something changes (location, device compliance, password reset) instead of waiting for token expiry.
- Zero TrustZero Trust: the security model that assumes breach, verifies every request explicitly, applies least-privilege access, and continuously validates trust signals.
- MAMMobile Application Management: managing the corporate app on a personal device without enrolling the whole device — the BYOD-friendly alternative to MDM.
- CASBCloud Access Security Broker: a security control point between users and cloud apps — visibility into shadow IT, policy enforcement, threat protection across SaaS.
Wiki entries: 25 and growing. Email hello@frontrowtech.com.au with anything you'd like Frontrow to write up next.