Back

Understanding Microsoft EMS

Employees need instant access to information to do their jobs fast and well Introducing Microsoft EMSAs more companies replace physical servers wi...

4 min read
Published on Feb 4, 2016
Understanding Microsoft EMS

Employees need instant access to information to do their jobs fast and well. Introducing: Microsoft EMS

As more companies replace physical servers with flexible cloud environments, there’s one question on everyone’s mind: How do you protect this intellectual property & data?

In the past, you’d simply put permissions on a folder to prevent unauthorized access. But with the cloud, that will no longer suffice. Now, you need to protect data wherever it ends up and on company and personal devices.

The Cloud Security Solution: Enterprise Mobility Suite

While Office 365 offers baseline security protections, it recently rolled out the Enterprise Mobility Suite (EMS) to better track and control data as it moves across locations and devices. Agile IT partnered with Travis Liles, Partner Technology Specialist at Microsoft, to provide an overview of the EMS platform and its functionalities.

EMS encompasses the different layers of security you’ll need to protect critical data. In this article, we’ll discuss the 3 pillars of EMS, including:

  • Unified Identity (Azure AD Premium) — Who is accessing data?
  • Managed Apps & Devices (Intune) — Where are they accessing it?
  • Data Protection (Azure Rights management) — How can you protect data, wherever it goes?

Control access with Active Directory Premium

Office 365 users already utilize Azure AD – their cloud directory – whether they realize it or not. Active Directory Premium allows you to synchronize on-prem Active Directory with cloud-based Active Directory to create a single identity and eliminate the need for multiple passwords. Having centrally managed identities and access provides benefits beyond the Office 365 platform. You can monitor and protect access to SaaS applications through multi-factor authentication (MFA) via email or text, app usage reports and alerting and also suspend MFA from unknown devices.

Ultimately, AD Premium helps ensure the right people have access to the right information on the right devices and empowers users to seamlessly (and safely) log into thousands of SaaS apps.

Manage Apps & Devices with Intune

Intune enables you to manage mobile devices and applications and protect data. You can assign conditional access to email and documents within Exchange and OneDrive for Business or deny access if a device falls out of compliance.

Intune also gives you the ability to enroll and manage corporate-owned devices through bulk enroll or large device deployments. When users get a new phone, they can simply insert their previous SIM card and access all that data instantly.

Protect data with Azure Rights Management

As your users access documents and apps from personal devices, you need to make sure documents are properly taken care of once they leave their environment. Azure Rights Management is one way to control who can see, open, read and edit documents on a granular level. Say you allow a user to open a document only. If he saves it to a USB and someone else tries to open it, it will ask for the original user’s credentials, leaving a digital paper trail.

Why Office 365 & EMS are better together

Office 365 offers base-level features, such as selective wipe and the ability to deploy apps and manage data device settings. When you add EMS, you get support for other mobile workloads & singe sign-on for 3,500 SaaS platforms (e.g., Salesforce, Reuters, etc.) Here are a few examples of the added security benefits you’ll receive:

  • Mobile Device Management (MDM): MDM adds PC management, mobile app management, secure content viewers, certificate provisioning, compliance policies, conditional access and much more on top of baseline Office 365 features.
  • Extended MFA: Just as users must provide additional security credentials when accessing Office 365, multi-factor authentication also extends to other SaaS apps.
  • Information Protection: With EMS, you get protection for on-prem Windows Server file shares, email notifications when sharing documents, email notifications when shared documents are forwarded, Office integration, managed browser and more.

Make sure EMS works for your organization

Want to trial EMS before diving right in? AgileEMS is a production setup configured in your environment that provides the full EMS experience to admins and end users. You can see how EMS works in your workstation and effectively evaluate and plan for it once it’s applied to the entire organization. You’ll simply need 3 workstations, 2 non-PC devices and an existing Office 365 deployment to get stared.

For more information on AgileEMS, contact Agile IT today. To access the complete webinar, click here.

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Related Posts

Common Questions About Azure Migration Answered

Common Questions About Azure Migration Answered

Get answers to the most common Azure migration questions. Learn about costs, best practices, security, compliance, and troubleshooting cloud migration challenges.

Apr 29, 2025
3 min read
AVD vs W365 in GCC high reducing your CMMC scope

AVD vs W365 in GCC High Reducing Your CMMC Scope and Simplifying Compliance

Comparing AVD vs W365 for GCC High? Learn how each can reduce your CMMC assessment scope and simplify security and compliance management in government environments.

Apr 28, 2025
7 min read
Office 365 License Comparison: Business Plans Vs. E5, E3 and E1

Implementing Cybersecurity Policies for CMMC Compliance and Managing CUI

CMMC compliance requires well-documented cybersecurity policies. Learn how to implement security controls, create an SSP and POA&M, and manage Controlled Unclassified Information (CUI).

Apr 25, 2025
7 min read
CMMC compliance for DoD contractors

CMMC Compliance Requirements for DoD Contractors and Subcontractors in the Defense Industry

CMMC compliance is mandatory for DoD contractors and subcontractors. Learn about certification levels, requirements, and the consequences of failing to meet compliance.

Apr 24, 2025
6 min read
How to prepare for a CMMC compliance audit

CMMC Compliance Audit Preparation: A Complete Checklist for Small Businesses

Preparing for a CMMC compliance audit is critical for DoD contractors. Use this checklist to perform a gap analysis, assess CMMC readiness, and prepare for a Level 2 assessment.

Apr 23, 2025
8 min read
FAR CUI vs CMMC Understanding

FAR CUI vs CMMC Understanding the Differences and Overlaps

FAR CUI and CMMC both focus on protecting sensitive federal data, but they have key differences. Learn how they work together and whether FAR CUI compliance aligns with CMMC.

Apr 15, 2025
10 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don't want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

Secure. Defend. Thrive.

Don't want to wait for us to get back to you?

Discover more about Agile IT's range of services by reaching out

Schedule a Free Consultation