Microsoft Enterprise Mobility + Security

Microsoft Enterprise Mobility + Security (EMS) was designed to help manage and protect users, devices, apps, and data. This integrated suite of products enables companies to manage who has access to corporate resources, while protecting and securing business and customer information on all devices, anywhere, in real-time.Microsoft Enterprise Mobility + Security offers holistic, data-driven protection helping your business take the next step in increasing productivity.

The core enterprise mobility management (EMM) functionality is provided by Microsoft Intune, responsible for mobile device management (MDM), mobile application management (MAM) and a separate level of PC management.

Microsoft EMS includes four components:

  • Azure Active Directory Premium
  • Microsoft Intune
  • Azure Rights Management
  • Microsoft Advanced Threat Analytics

Azure Active Directory Premium is “single sign-on for your company”. Every employee has a profile in Azure Active directory which is linked to all of their other logins.   Your employees can sign into almost any service regardless of device model, location, or user identity.

Microsoft Intune allows you to link an unlimited number of mobile devices to an employees’ Active Directory profile.  Microsoft Intune is your secure link between an employee’s mobile device (iOS, Android, Windows) and corporate data.

Azure Rights Management is “document-level security”.  With Azure Rights Management, every single time protected data is viewed, a check is done to see if the person viewing the file is allowed to do so.

Microsoft Advanced Threat Analytics is “real-time monitoring for security purposes”.  Because Microsoft EMS is mostly in the cloud, all kinds of standardized data is collected.