Back

A closer look at Microsoft EMS from the admin's perspective

The cloud has paved the way to a more productive and collaborative work environment But in breaking down barriers to data sharing security has becom...

4 min read
Published on Feb 18, 2016
A closer look at Microsoft EMS from the admin's perspective

The cloud has paved the way to a more productive and collaborative work environment. But in breaking down barriers to data sharing, security has become a top concern for all organizations venturing into the cloud.

The Enterprise Mobility Suite is Microsoft’s solution to this growing apprehension toward data security in the cloud. EMS is composed of Azure AD Premium, Microsoft Intune & Azure Rights Management — a collection of technologies that create a unified identity and experience for both end users and admins.

Microsoft EMS: A Comprehensive Office 365 Security Solution

Together, the components of EMS consolidate user identities so you don’t have to manage multiple identities when people access third-party apps and disable or enable rights as a corporate environment. You also gain the ability to push out and containerize apps onto all types of devices — including iPhones, Androids or Microsoft phones — to better control and oversee user activity.

Ultimately, Microsoft EMS allows admins to work more efficiently when securing their organization and provides peace of mind knowing exactly who has access to which documents and apps, on which devices and from where.

With EMS, Azure is the underlying technology for directory services. You can get to the Microsoft Azure interface via Office 365 or the Admin Center along with the premium features, including single sign-on to 2,400+ apps, multi-factor authentication on-premises or in the cloud, rights management and much more.

Here’s a closer look at each component of the EMS Admin Portal:

Azure Active Directory

blog0218161 In the Azure AD premium side of the EMS portal, you have complete directory integration and can manage specific aspects of a particular domain, customize your company branding, configure authentication methods, see reports and more. The dashboard clearly outlines anomaly sign ons (e.g., users who have opened apps or logged in from two different cities in one day) and other user reports.

When looking at user identities in the Azure AD portal, you can remove or modify different identities or cloud-based security groups and drill into members and owners of each. For example, you may have a dynamic membership group for salespeople who need to access Salesforce or sales another app. Through Azure, you can easily locate this group and assign the correct app privileges or configure different aspects of Azure AD Premium, such as SSO.

Microsoft Intune

From the Microsoft Azure AD homepage, you can access Microsoft Intune. This single pane of glass gives you an overview of mobile devices, PCs, etc., from anywhere: blog0218162

As you can see, the Intune dashboard offers a breakdown of everything going on via green check marks for you to drill down and assess the status of all mobile devices or get information on specific devices.

Because Microsoft handles the vendor relationships, you don’t have to worry about contacting vendors or setting up a trust for your organization when choosing a new app or functionality. Instead, you can go right into configuring multi-factor authentication, bulk adding users, etc.

Overall, Intune is your one-stop shop for managing devices, deploying apps, enforcing policies, and accessing reports to see what apps are running on, what apps each device has installed on it and more.

Azure Rights Management

blog0218163 The final component of EMS is Azure Rights Management, which enables you to set up policies. With Azure Rights Management, documents that get sent out to the wild using protective folders can adopt specific rules for individual users. Where users could once cart around these documents after gaining access, now you can manage company data down to the document and user (even on USBs).

Within the Azure management experience, you can create policies available or unavailable to users such as taking screen shots of content, copying, sharing data, etc. Microsoft has also made some recent security acquisitions, so new rights management capabilities will soon be available. Enhanced data security features aren’t just nice to have; they’re an absolute necessity in today’s cloud-based world. If you’re unsure whether EMS makes sense for your organization, the AgileEMS POC allows you to trial all the functionalities of EMS to better evaluate its business value.

To learn more about the AgileEMS POC, contact Agile IT today.

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Related Posts

CMMC compliance for DoD contractors

CMMC Compliance Requirements for DoD Contractors and Subcontractors in the Defense Industry

CMMC compliance is mandatory for DoD contractors and subcontractors. Learn about certification levels, requirements, and the consequences of failing to meet compliance.

Apr 24, 2025
6 min read
How to prepare for a CMMC compliance audit

CMMC Compliance Audit Preparation: A Complete Checklist for Small Businesses

Preparing for a CMMC compliance audit is critical for DoD contractors. Use this checklist to perform a gap analysis, assess CMMC readiness, and prepare for a Level 2 assessment.

Apr 23, 2025
8 min read
FAR CUI vs CMMC Understanding

FAR CUI vs CMMC Understanding the Differences and Overlaps

FAR CUI and CMMC both focus on protecting sensitive federal data, but they have key differences. Learn how they work together and whether FAR CUI compliance aligns with CMMC.

Apr 15, 2025
10 min read
What Is a POAM?

What Is a POAM?

Learn how a Plan of Action and Milestones (POAM) helps meet NIST 800-171 & DFARS compliance. Understand its role in FedRAMP, security categorization, and risk mitigation.

Apr 8, 2025
8 min read
Best Cybersecurity Practices for Achieving CMMC Compliance

Best Cybersecurity Practices for Achieving CMMC Compliance

Achieving CMMC cybersecurity compliance requires strong security controls. Learn best practices for securing your IT environment, protecting CUI, and implementing MFA.

Apr 7, 2025
6 min read
8 Pranks for Windows 11 - Happy April Fools!

8 Pranks for Windows 11 - Happy April Fools!

Happy April Fools Day The day of the year when some IT staff think it might be humorous to do something to generate hundreds of support tickets for ...

Apr 1, 2025
3 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don't want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

Secure. Defend. Thrive.

Don't want to wait for us to get back to you?

Discover more about Agile IT's range of services by reaching out

Schedule a Free Consultation