Enterprise Mobility Suite Overview

The last few posts have been about Azure Active Directory Premium, and there was an earlier series about Microsoft Intune. Both of these products are part of a larger suite called the Enterprise Mobility Suite (EMS). This Suite of products, which also includes Azure Rights Management, it Microsoft’s answer to BYOD and SaaS. These tools allow enterprises to manage, to a certain extent, BYOD devices that end users use to want to access company resources. It also enables enterprises to leverage hosted SaaS products using enterprise authentication, while also controlling access.

Azure Active Directory Premium

At the center of EMS is Azure Active Directory Premium. So far, there are two posts about Azure AD, so we will not go into much detail here. See those posts for information. I will say though that Azure AD is the foundation of EMS, much like on-premises AD is the foundation of Microsoft technologies for an organization. Also like on-premises, Azure AD is not required for Intune, though it is for Azure Rights Management. For an organization of any size, Azure AD will make life a lot easier, again just like in an on-premises environment.

Microsoft Intune

Intune provides device management. There was also a series about this, but it will be expanded to include some of the new features made available in November 2014 update. Intune provides MDM capabilities to PC’s, iOS, Android, and Windows Phone devices. This type service can be configured to be as stringent as SCCM, or as light as just being able to wipe a device if it is lost. This is the happy medium of MDM, allowing end users with BYOD devices to join to company resources in a secure manner. It provides administrators with the ability to ensure that their resources will be protected if an end user loses a device.

Intune provides software delivery and updates for Windows-based devices. It can also be used to enforce settings such as passcodes and screen locks, as well as automatically configure email accounts. Another important setting is the ability to control whether cloud services, such as iCloud, are allowed to run on devices. This can be a major security hole for most organizations, as it would allow users to save company documents to their personal cloud areas. Intune can also disable things like the camera and Wi-Fi tethering.

Azure Rights Management

Azure Rights Management enables things like multi-factor authentication and document encryption. This is a really cool feature, because unlike NFTS permissions, files protected with Azure Rights Management do not lose their permissions when sent through email, copied from one location to another, or copied to another computer. Those permissions, like who can read or edit the document, persist across any device.

Azure Rights Management can also do the same thing for emails. Users can control whether or not their emails can be forward, or rather the reply all option can be used. Imagine never having to worry about replying-all to a list with a joke that you think is funny, but can also land you in HR. Azure Rights Management can help with that.

I hope you will come back and learn more about Microsoft’s Enterprise Mobility Suite. It is a great topic, and a great way to manage your organization’s resources in a BYOD word.


All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistant.



Contact Us

On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.