Enterprise Mobility and Security Blog

RSS

The explosion of mobile devices and cloud applications continues to have a profound impact on how people work. At the same time, it has created new challenges for IT in managing and protecting corporate information while empowering workers to be productive using the apps and the devices of their choosing.

In March of 2014, Microsoft introduced the Enterprise Mobility Suite (EMS), a set of cloud services that helps IT manage today’s mobile workforce.  EMS helps IT with mobile device & app management, as well as identity & access management, and information protection. The wide ranging capabilities of EMS have led to rapid adoption.

Enterprise Mobility Momentum

We have seen incredible traction in our enterprise mobility offerings and have grown our end users by 400% in the last year. These customers are now benefiting from:

  • Identity and access management delivered by Microsoft Azure Active Directory Premium
  • Mobile Device Management and Mobile App Management delivered by Microsoft Intune
  • Data protection delivered by Microsoft Azure Rights Management Services

For example, The Walsh Group, a construction firm that specializes in large-scale projects, turned to the Enterprise Mobility Suite to enable BYOD, accommodating employee-owned devices being used on its job sites across the US. In this new workplace reality, The Walsh Group’s IT was able to improve on the ground project-management, reduce business costs through reduced IT labor and better business intelligence, and improve security with centralized identity management at the core.  Learn more about the Walsh Groups use of EMS here.

In addition to the compelling value and comprehensive nature of our EMS offering, Microsoft’s unique approach to mobility is driving customer adoption.  Identity and access management is at the core of our strategy.  Companies must have the tools to manage identity and access for all of their users before they can effectively across multiple devices.

Enterprise mobility is at the core of our mobile-first, cloud-first strategy. We strive to help companies support their employees in using their favorite devices, and to make it as simple as possible to work on those devices. For this reason, we are thrilled to announce capabilities that will make it even easier for IT and the mobile workforce to be productive, while keeping company data secure.

At this year’s TechEd Europe, Microsoft is pleased to announce:

  • New capabilities coming to Microsoft Intune for mobile device and application management – most notably unique integration with Office mobile apps to deliver the leading policy managed and protected collaboration experience across mobile devices.
  • Mobile device management built into Office 365 and powered by Microsoft Intune.
  • News around the rapid innovation and adoption of Azure Active Directory and Azure Rights Management Services.

Microsoft Intune

Microsoft Intune helps organizations provide their employees with access to corporate applications, data, and resources from virtually anywhere on almost any device, while helping secure corporate information.  As a cloud service, we continue to rapidly add new capabilities to Intune, over the next few months we will roll out:

  • Intune-managed Office mobile apps that enable your workforce to securely access corporate data using the apps they know and love while preventing data leakage by restricting actions such as copy/cut/paste/save as and ‘open-in’ between apps in your managed app ecosystem
  • App wrapping capabilities that help secure your existing line-of-business applications, integrating these apps into your managed app ecosystem without further development or code changes
  • Managed browser, PDF viewer, AV player, and Image viewer apps for Intune that allow users to securely view content on their devices within the managed app ecosystem
  • Grant access to corporate resources, including access to Exchange email, based upon device enrollment and compliance policies set by the administrator
  • Bulk enrollment of devices using Apple Configurator or service account, simplifying administration and enabling policies and applications to be deployed at a large scale

These are just a few of the great features coming to Intune over the next two months.  Learn more about Microsoft Intune here.

Mobile Device Management for Office 365

Coming in the first quarter of 2015, Office 365 will roll out built-in mobile device management (MDM) capabilities powered by Microsoft Intune, which will provide organizations the ability to manage Office 365 data across a diverse range of phones and tablets, including iOS, Android and Windows Phone. IT administrators will be able to set and manage mobile device policies, such as passcode lock and jailbreak detection; perform selective wipe of Office 365 data while leaving personal content and apps intact; prevent unauthorized users from accessing corporate email and data when a device is lost or stolen, all directly from within the Office 365 administration portal.  Learn more about Mobile Device Management for O365 here.

We believe that this is a huge step forward in Microsoft’s approach to Enterprise Mobility Management, allowing the mobile workforce to securely use the world’s most ubiquitous productivity solution.

Microsoft Azure Active Directory

Once again the cloud brings with it the advantage of being able to deliver new capabilities directly to customers on a rapid cadence.  In the last 2 months, we have delivered 11 new capabilities, including: device registration, connecting your on-premises directory to the cloud, cloud app discovery, multi-factor authentication, and role-based-access-control, to name a few. On a typical day Azure AD supports more than two billion authentications, and our Premium SKU as part of EMS now brings pre-configured single-sign-on (SSO) to more than 2400 popular SaaS applications.

Some of the new capabilities coming to Azure AD Premium are:

  • Cloud App Discovery (currently in preview) that can help IT departments identify which SaaS applications are being used by employees.
  • A new integrated capability called Azure AD Connect that makes it easier to connect your on-premises assets to the cloud and to synchronize single and multi-forest, on-premises directories to Azure AD, coming in preview by end of the calendar year.
  • Azure AD Application Proxy makes it possible to publish on-premises applications via the cloud to external users, generally available by end of the calendar year.
  • Integration with Workday (currently in preview) to support the import of employee records directly into Azure AD.

Learn more about Azure Active Directory Premium here.

Azure Rights Management Service

Similarly for information protection, we have delivered new capabilities to Azure RMS.  These enable customers to protect data both at-rest and in-motion, and to securely share documents outside their organization, including:

  • A protected PDF (PPDF) file format that is automatically generated by Azure RMS when you share Office documents, ensuring that the recipient can always view your securely shared document across the RMS Sharing Apps on iOS, Android and Windows Phone.
  • Email notifications to ensure users know when documents are accessed and when they have been inappropriately shared.

Learn more about Azure Rights Management Services here.

Learn more about the services included in the Enterprise Mobility Suite or to sign up for a free trial visit microsoft.com/ems.