Microsoft 365 licensing is confusing by design. Security features, Copilot add-ons, compliance tools--each comes with separate price tags and overlapping capabilities. Most businesses end up paying for features they already have or don't need.

Here's how to see what you're actually paying for and whether it's worth it.

What's Already Included (That You Might Not Know)

Before buying add-ons, understand what your current plan already provides:

Identity and Access (All Plans)

  • Azure Active Directory (now Entra ID) basics
  • Multi-factor authentication
  • Single sign-on
  • Conditional access (limited in some plans)

Threat Protection (Most Plans)

  • Email scanning for malware
  • Basic phishing protection via Microsoft Defender
  • Safe links and attachments

Compliance Features (Business Premium and Enterprise)

  • Data loss prevention (DLP)
  • Audit logging
  • Retention policies
  • Basic eDiscovery

What You Should Be Able to See

In your Microsoft 365 admin center, you should be able to check:

  • Which licenses are assigned to which users
  • What features are included in each license
  • What add-ons you're paying for
  • Feature usage across your organization

If you can't answer these questions, you're flying blind on M365 spending.

Common Add-On Mistakes

1. Buying Security Features You Already Have

Many businesses buy Defender for Office 365 Plan 1 without realizing their Business Premium plan already includes similar protection. Before adding security licenses:

  • Check what's in your current plan
  • Identify specific gaps you need to fill
  • Compare features tier-by-tier

2. Copilot for Everyone

Microsoft 365 Copilot costs $30/user/month. At scale, that adds up fast. Not every employee needs AI assistance for every task. Consider:

  • Which roles would benefit most from Copilot?
  • What's the ROI per user?
  • Can you start with a pilot group?

3. Enterprise Features for Small Teams

E5 plans include everything--advanced compliance, analytics, unlimited cloud storage. But for a 20-person company, that's likely overkill. Match your plan to your actual needs.

How to Audit Your M365 Spending

Step 1: License Inventory

List every license type you're paying for. Check for:

  • Unused licenses (paying for seats nobody uses)
  • Duplicate features across license types
  • Users with licenses beyond their needs

Step 2: Feature Utilization

Microsoft provides usage reports. Check which features people actually use versus what you're paying for. Common findings:

  • Advanced analytics nobody accesses
  • Compliance features that aren't configured
  • Security tools that aren't enforced

Step 3: Add-On Review

For each add-on, ask:

  • Is this feature included in a plan we already have?
  • Who's using this?
  • What happens if we remove it?

Copilot: When It Makes Sense

Microsoft 365 Copilot can boost productivity--but only if people use it effectively. Before rolling out broadly:

  1. Start small -- Pilot with power users who'll actually adopt it
  2. Measure results -- Track time saved, tasks completed
  3. Train properly -- AI tools require learning to use effectively
  4. Review data access -- Copilot surfaces data based on permissions--make sure those are right

Questions to Ask Your IT Provider

  • "What M365 licenses do we have, and what's included in each?"
  • "Are we paying for any add-ons that duplicate features in our base plan?"
  • "How many unused licenses are we paying for?"
  • "What security features are we paying for but not using?"
  • "If we add Copilot, which users should get it first?"

The Bottom Line

Microsoft 365 licensing complexity works in Microsoft's favor--not yours. The solution is visibility: know what licenses you have, what features they include, and what your people actually use. Before buying add-ons, make sure you're fully using what you already own.

If you can see your M365 spending clearly, you can optimize it. If you can't, you're almost certainly overpaying.