Microsoft Enterprise Mobility Suite

The challenges
· Users expect to be productive across a variety of device types, with access
to the applications they need.
· Businesses need to unify their infrastructure technology environment with
a common identity across on-premises Active Directory Domain Services
(AD DS) and the cloud, with deeply integrated capabilities for PC and
mobile device management.
· Businesses must protect their data, so they require a comprehensive set
of access control and data-protection capabilities

Elements of the Microsoft Enterprise Mobility Suite

Microsoft Enterprise Mobility Suite is built on the following Microsoft cloud platforms:

• Azure Active Directory Premium for identity rights management
• Microsoft Intune for MDM and mobile application management (MAM)
• Azure Rights Management for document and data security

Microsoft Enterprise Mobility Suite is available through the Microsoft Enterprise Volume Purchasing plan.

Cloud-based Identity & Access Management

Azure Active Directory(AAD) is a comprehensive, cloud-based identity/access management solution which includes core directory services that already support some of the largest cloud services (including Office 365) with billions of authentications every week. AAD acts as your identity hub in the cloud for single sign-on to Office 365 and hundreds of other cloud services.

Azure AD Premium builds on AAD’s functionality and gives IT a powerful set of capabilities to manage identities and access to the SaaS applications that end-users need.

Azure AD Premium is packed with features that save IT teams time and money, for example:

• It delivers group management and self-service password reset – dramatically cutting the time/cost of help desk calls.
• It provides a per-configured single sign on to more than 1,000 popular SaaS applications so IT can easily manage access for users with one set of credentials.
• To improve visibility for IT and security, it includes security reporting to identify and block threats (e.g. anomalous logins) and require multi-factor authentication for users when these abnormalities are detected.

Cloud-delivered MDM

Windows Intune is Microsoft`s cloud-based MDM and PC management solution that helps IT enable their employees to be productive on the devices they love.

Since its launch, they have regularly delivered updates to this service at a cloud cadence. In October 2013 and January 2014, they added new capabilities like e-mail profile management for iOS, selective wipe, iOS 7 data protection configuration, and remote lock and password reset.

Data Protection from the Cloud

Microsoft Azure Rights Management is a powerful and easy-to-use way for organizations to protect their critical information when it is at rest or in transit.

This service is already available today as part of Office 365, and Microsoft recently added the extended capability for existing on-prem deployments. Azure RMS now supports the connection to on-prem Exchange, SharePoint, and Windows Servers.

In addition to these updates, Azure RMS also offers customers the option to bring their own key to the service, as well as access to logging information by enabling access policy to be embedded into the actual documents being shared. When a document is being shared in this manner, the user’s access rights to the document are validated each time the document is opened. If an employee leaves an organization or if a document is accidentally sent to the wrong individual, the company’s data is protected because there is no way for the recipient to open the file.

Cost Effective Licensing

Now with these three cloud services brought together in the EMS, Microsoft has made it easy and cost-effective to acquire the full set of capabilities necessary to manage today’s (and the future’s) enterprise mobility challenges.

As Microsoft has built the Enterprise Mobility Suite they also have thought deeply about the need to really simplify how EMS is licensed and acquired. With this in mind, EMS is licensed on a per-user basis.  This means that you spend less time worrying about the number of devices in use, or implementing policies that will limit the types of devices that can be used.

The Enterprise Mobility Suite offers more capabilities for enabling BYO and SaaS than anyone in the market – and at a fraction of the cost charged elsewhere in the industry.

his is a major opportunity for IT organizations to take huge leaps forward in their mobility strategy and execution, and Microsoft is committed to supporting every element of this cloud-based, device-based, mobility-centric transformation.

Why Microsoft Enterprise Mobility?

Enterprise-grade security

A key concern for you continues to be security, and rightly so. Identity is the control plane at the center of our solution helping you to be more secure. Only Microsoft offers cloud identity and access management solutions running at Internet scale and designed to help secure your IT environment. Microsoft Azure Active Directory has hundreds of millions of users, is available in 35 data centers around the world, and has processed more than 1 trillion (yes, trillion) authentications. Our innovative new technology, Microsoft Advanced Threat Analytics is designed to help you identify advanced persistent threats in your organization before they cause damage.

KEY FEATURES

• Threat detection: Detect abnormal user behavior, suspicious activities, known malicious attacks and security issues right away. Focus on what is important using a simple, convenient feed.
• Conditional access: Control access to applications and other corporate resources like email and files with policy-based conditions that evaluate criteria such as device health, user location etc. This includes support for multi-factor authentication (MFA).
• Single sign-on: Sign in once to the cloud and on-premises web apps from any device. Pre-integrated support for Salesforce, Concur, Workday, and thousands more popular SaaS apps.

It’s more flexible

Architecture matters. That’s why our enterprise mobility management solutions are designed to run in the cloud and work seamlessly with your existing on-premises infrastructure.

Our cloud-first approach to managing a mobile enterprise is the fastest, most cost-effective way to meet new business challenges and accommodate new devices, new apps, and new hires—without worrying about scale, maintenance or updates.

KEY FEATURES

• From the cloud: Keep up with new apps and new devices without the hassle of updating on-premises infrastructure.
• Simpler secure access: Help deliver secure access to apps and data without complex connections to your on-premises network.
• Works with what you have: Make the best use of existing identity and device management investments including Active Directory and System Center

Nobody manages Office better

• Protecting email and other corporate data on mobile devices—without bogging down workers—is one of today’s biggest IT challenges. Other vendors solve it with apps that compromise user experience and put the brakes on productivity.
• Microsoft enterprise mobility solutions integrate deeply with Microsoft Office, the gold standard of productivity. It’s the only solution that brings managed mobile productivity with Microsoft Office across devices.

It’s all you need—at one great value

Microsoft has the only enterprise mobility solution designed to help manage and protect users, devices, apps (PC or mobile), and data.

Not only is Microsoft the most comprehensive solution, it’s also a great value: Our Enterprise Mobility Suite is 58% less than standalone products from other vendors.