Enterprise Mobility and Security Blog


Over the last week, I’ve had some really interesting customer conversations, and each of them has had a common theme that I’d like to share.

To begin: Characterizing the demand to learn more about EMS and the Enterprise Mobility features of EMS, Windows 10, and Office 365 as “extremely high” would be a huge understatement. In my 25+ years of working on Enterprise Client software, I have never seen this kind of excitement! At least daily I am in face-to-face meetings or on Skype with executives from our customers – and they are all eager to learn more, to make the move to EMS, to provide their workforce with the best user experience possible, and to keep their data safer than ever.

I am having so much fun!

In just about every customer meeting, there are 3 common topics: What do the major marketplace trends mean for their business, How will the technology evolve to match these trends, and How does their IT strategy need to evolve to meet these growing demands?  These conversations are always a lot of fun.

Here are some of the key things we discussed that I think everyone can benefit from considering:

One of the biggest trends currently taking shape in the Enterprise Mobility market is the convergence of what were, previously, adjacent areas. This is most evident in the way we’re seeing the rapid consolidation of 5 areas: Identity management, enterprise mobility management, mobile productivity, data protection, and PC management. This is a topic I’ve written a lot about in the past (here, here, here, here), and I think it is worthy of every organization’s consideration when they start thinking about their plan to scale and adapt long term.

The market known as Enterprise Mobility Management is also very young, and it is currently in the midst of its first really significant shakeout and consolidation. For example, consider some of the previously dominant companies in this space: One has lost more than 70% of its market valuation in the last four months, and another was recently purchased at an amazingly low price. Every customer I spoke with last week brought up these specific examples.

While we discussed these consolidations, each of the customers independently realized something significant: “Wait a second, I have one solution deployed for managed e-mail, another solution for doing MDM, yet another solution for Identity management…” and, in some cases, they even had a fourth solution for Enterprise File Sync. All of these “solutions” had been deployed in just the last two years – all with the purpose of addressing a specific need they’d had at the time.

Without exception, all of these customers then realized what had happened to their infrastructure: Their management strategy was really just disparate point products that were islands unto themselves – all of which were managed independently, not integrated, offered a poor end-user experience, and provided no usable data/telemetry on how these solutions were being used. Their management strategy was awash in non-optimized time, money, energy, and manpower.

The reality is that these various point solutions were state-of-the-art two years ago when they were installed. In fact, I can honestly say that, two years ago, these customers made the right purchasing decisions given the maturity of the market, their needs at the time, and the maturity of the offerings. Now, two years later, these solutions are still delivering what you needed in 2013 – but that kind of functionality is not what you need today and it’s nowhere near the value that is possible now.

At Microsoft, we have engineered Office 365 and EMS to work together seamlessly. What do I mean by “work together?” Here are some examples: We have engineered both the end-user experience and the IT interface to be integrated, we are in the process of bringing together more of the admin experiences, and we are already bringing back telemetry and putting it to work on your behalf.

Without fail, every conversation ended with a new level of understanding about how dramatically the EMM market has evolved and what is now possible – things that were entirely impossible just 12 months ago. Perhaps the single biggest takeaway was just how integrated Microsoft’s solution has become. Two years ago, back when buying 4 different point solutions was considered normal, the seamlessly integrated option of O365+EMS wasn’t even an option. Now it is the only option that makes sense.

To get a sense of just how superior O365+EMS is in terms of both functionality and cost, do a careful reading of this blog post – or just skip to the bottom where you’ll find the following diagram:


The seamlessness of our solutions’ integration is so important that, across Microsoft, we have collectively poured incredible amounts of time into deeply integrating the EMS capabilities with the Office mobile apps. This enables scenarios that are not possible via any other EMM provider. For example: when a user opens an Office document (Word, Excel, PowerPoint) from an approved corporate location (e.g. OneDrive for Business or SharePoint), the Office app automatically understands that the document being opened is a corporate document and should have Data Loss Prevention policies applied. In that exact same app, if the user opens a document from a personal location (such as OneDrive or Dropbox), the Office mobile apps assume this is a personal document and do not apply Data Loss Prevention policies – thus staying out of the user’s personal life.

This example is a great way to understand how we’ve engineered O365 and EMS to be used together in a way that helps guide the user to use and protect the company data – all within a workflow they already know and understand.

For more info on the multi-use capabilities of MAM and Office, check out these detailed posts:

Another great benefit of the integration of O365+EMS is telemetry. Every second of the day we are gathering information about how our services operate, and we use this data to fine tune and improve those services. An example of this is the data we bring back every time a user authenticates to an app that is using Azure Active Directory. Our telemetry contains the username, the device being used, as well as the time, date, and physical location of the authentication.

In total, we bring this data back for more than 5B authentications every week. Talk about a sea of data!

Using our Machine Learning capabilities in Azure, we use this data to look for patterns that indicate the telltale signs of things like a compromised user account. One of the many indicators being analyzed is travel times between login attempts. If someone logs in from Redmond and then logs in again from Moscow less than two hours later – that is an obvious sign of a compromised account. You can see a detailed account of this system (with plenty of screenshots) here. Also, check out the incredibly impressive Advanced Threat Analytics demo.

Just about every organization is under attack, and even the most careful organization will suffer from compromised user accounts. Microsoft has combined the telemetry from O365 and EMS and is using the Machine Learning capabilities of Azure to show you these compromised accounts and enable you to block the attacks. This value is unique to the integrated Microsoft solution, and it is an incredible example of how we are putting telemetry to work on your behalf.

And this brings us back to those initial 3 questions I spent last week answering:  What do the major marketplace trends mean for their business, How will the technology evolve to match these trends, and How does their IT strategy need to evolve to meet these growing demands?

I believe the answer to these questions is now pretty simple:  You need to move from the point products you may already have in place, and deploy an integrated and comprehensive solution.  Insist on a solution where the services have been engineered to both work together and deliver the value that comes from building upon the data you already have.