What Cloud Capsule Can't See on Microsoft 365 Business Standard

What Cloud Capsule Can't See on Microsoft 365 Business Standard

Cloud Capsule assessments cover 200+ key security datapoints across CIS Controls and NIST CSF 2.0, pulling data from Entra ID, Microsoft Defender, Intune, Exchange, Teams, and SharePoint. On Microsoft 365 Business Standard, several of those data sources simply don't exist. This means certain checks will fail, return no data, or cannot be assessed at all.

Microsoft Defender

Business Standard does not include a Defender for Business license. Tenants on Business Standard will fail to complete the consent process in Cloud Capsule due to a missing Defender service principal. This results in zero visibility into endpoint threat detection, malware and ransomware status, and real-time protection reporting.

For steps to resolve the Defender service principal error, refer to the How to Connect a Customer Tenant and Troubleshoot Consent Issues article. 

Intune and Device Compliance

Intune is not included with Business Standard. Without it, Cloud Capsule's device health reporting has nothing to pull from. This includes full details of impacted users and devices surfaced as part of each control finding. Device compliance, enrollment status, and configuration profiles will all be unavailable for Standard tenants.

Conditional Access Policies

Conditional Access requires Microsoft Entra ID P1, which is bundled with Business Premium but not Business Standard. Any Cloud Capsule checks against Conditional Access configurations will show as unconfigured or missing on Standard tenants.

Advanced Entra ID and Identity Controls

Advanced identity and anomaly reports require Microsoft Entra ID P1 or P2. Business Standard includes only the base Entra tier, so identity risk signals surfaced by Cloud Capsule, such as risky sign-ins and anomalous resource usage, will not be available.

Data Protection and DLP

Business Standard does not include Azure Information Protection and has limited Data Loss Prevention capabilities. Cloud Capsule checks against data classification and protection controls will flag these as gaps, with no underlying configuration to assess.

Recommended License

For a complete Cloud Capsule assessment, the customer tenant should have one of the following:

• Microsoft 365 Business Premium
• Microsoft 365 E3 or higher
• Microsoft Entra ID P1 or higher (with a qualifying base license)

These licenses ensure Cloud Capsule can access the full range of security data needed to provide an accurate and complete assessment.

When to Contact Support

If you have questions about how your tenant's licensing affects assessment results, reach out directly.

Email: support@cloudcapsule.io  In-app: Navigate to Support and open a new ticket.