Skip links and keyboard navigation

For government agency options have changed in line with the November 2024 Machinery of government (MoG). For more information, see our MoG change guide.

Cyber uplift services

Microsoft E3 and E5 Security capabilities

Learn how this security capability uplift program can amplify your defence measures and improve your capability to identify and counteract cyber threats.

Designed by the Queensland Government Cyber Security Unit and industry partners, the program enhances security, compliance and data protection capabilities of your Microsoft 365 E3 and E5 environments in a rapidly evolving cyber threat landscape.

Our program offers work packages to configure various Microsoft 365 security features, using best practices for identity and access management, threat protection, and information governance.

We configure Microsoft 365 E3 and E5 environments with its advanced security features. You will benefit from stronger defences against cyber threats, including phishing, malware, and data breaches. This ensures the protection of sensitive government data and critical systems.

Key elements of the program include the deployment of Purview, Defender, and Entra ID security features, and ensure your security measures are consistently applied to be consistent across all departments and functions.

Informed by the Australian Signals Directorate Blueprint for Secure Cloud, our program aligns your environment with the Australia Cyber Security Centre Essential Eight framework, and other regulations and requirements, simplifying compliance management.

You have access to the Queensland Government Cyber Security team expert project managers, change specialists, and security engineers. Use their extensive industry experience and technical expertise to manage complex projects effectively and enhance your security measures against changing threats. The team will work closely with you to provide technical, project management and change management expertise required to successfully deliver projects.

Technology the service uses

E3 and E5 security capabilities program leverages the capabilities of features provided by Microsoft to enhance security and compliance for Queensland Government entities. By configuring advanced security features within Microsoft Entra, and other included products such as the Defender and Purview platforms, the program offers improved protection against cyber threats like phishing, ransomware, and unauthorised access.

Identity governance and access management

Entra ID is Microsoft's solution for identity and access management, offering granular control over applications and resources access, ensuring the right people have the right access at the right time to your organisation’s technology resources.

The features enabled by Azure AD Premium P1 or P2 licenses included in the E3 and E5 suites include:

  • multi-factor authentication
  • conditional access policies (including risk-based policies)
  • Privileged Identity Management
  • self-service password resets
  • access reviews
  • passwordless authentication
  • entitlement management
  • lifecycle workflows.

Threat protection and detection

The Microsoft Defender suite of security tools provides a comprehensive and integrated approach to threat protection, detection and response across endpoints, email, identities and cloud applications. Tools included within E5 and partially within E3 include:

  • Defender for Identity
  • Defender for Office 365
  • Defender for Endpoint
  • Defender for Cloud Apps.

The program includes packages for Defender for Cloud and Defender for Servers but these need to be licensed separately.

Data governance, security, and risk

Microsoft Purview is a set of solutions that can help entities govern, protect, and manage data across its entire lifecycle, regardless of where it resides. It combines solutions for data security, data governance and compliance into a unified platform, including:

  • data loss prevention
  • information protection
  • information rights management
  • insider risk management
  • data lifecycle management
  • eDiscovery
  • communication compliance.

The integration of these technologies within the Microsoft 365 ecosystem provides a unified, scalable solution that improves security posture and enhances secure handling of sensitive government data across departments and agencies.

The following eligible agencies and related bodies can access this service at no cost:

  • Queensland Government agencies
  • statutory bodies
  • local government.

Government owned corporations are not eligible for this service.

Contact the Queensland Government Cyber Security Unit by email cybersecurityunit@qld.gov.au to access this service. The team will be in touch within 5 business days.

In your email let us know some basic details like:

  • what agency you’re from
  • your Microsoft 365 licensing type (E3, E5, A3, A5 or F3) and number of seats
  • specific capabilities you want assistance with like Purview, EntraID, Defender.
Last updated:
7 April 2025