Back

Understanding Microsoft EMS

Employees need instant access to information to do their jobs fast and well Introducing Microsoft EMSAs more companies replace physical servers wi...

4 min read
Published on Feb 4, 2016
Understanding Microsoft EMS

Employees need instant access to information to do their jobs fast and well. Introducing: Microsoft EMS

As more companies replace physical servers with flexible cloud environments, there’s one question on everyone’s mind: How do you protect this intellectual property & data?

In the past, you’d simply put permissions on a folder to prevent unauthorized access. But with the cloud, that will no longer suffice. Now, you need to protect data wherever it ends up and on company and personal devices.

The Cloud Security Solution: Enterprise Mobility Suite

While Office 365 offers baseline security protections, it recently rolled out the Enterprise Mobility Suite (EMS) to better track and control data as it moves across locations and devices. Agile IT partnered with Travis Liles, Partner Technology Specialist at Microsoft, to provide an overview of the EMS platform and its functionalities.

EMS encompasses the different layers of security you’ll need to protect critical data. In this article, we’ll discuss the 3 pillars of EMS, including:

  • Unified Identity (Azure AD Premium) — Who is accessing data?
  • Managed Apps & Devices (Intune) — Where are they accessing it?
  • Data Protection (Azure Rights management) — How can you protect data, wherever it goes?

Control access with Active Directory Premium

Office 365 users already utilize Azure AD – their cloud directory – whether they realize it or not. Active Directory Premium allows you to synchronize on-prem Active Directory with cloud-based Active Directory to create a single identity and eliminate the need for multiple passwords. Having centrally managed identities and access provides benefits beyond the Office 365 platform. You can monitor and protect access to SaaS applications through multi-factor authentication (MFA) via email or text, app usage reports and alerting and also suspend MFA from unknown devices.

Ultimately, AD Premium helps ensure the right people have access to the right information on the right devices and empowers users to seamlessly (and safely) log into thousands of SaaS apps.

Manage Apps & Devices with Intune

Intune enables you to manage mobile devices and applications and protect data. You can assign conditional access to email and documents within Exchange and OneDrive for Business or deny access if a device falls out of compliance.

Intune also gives you the ability to enroll and manage corporate-owned devices through bulk enroll or large device deployments. When users get a new phone, they can simply insert their previous SIM card and access all that data instantly.

Protect data with Azure Rights Management

As your users access documents and apps from personal devices, you need to make sure documents are properly taken care of once they leave their environment. Azure Rights Management is one way to control who can see, open, read and edit documents on a granular level. Say you allow a user to open a document only. If he saves it to a USB and someone else tries to open it, it will ask for the original user’s credentials, leaving a digital paper trail.

Why Office 365 & EMS are better together

Office 365 offers base-level features, such as selective wipe and the ability to deploy apps and manage data device settings. When you add EMS, you get support for other mobile workloads & singe sign-on for 3,500 SaaS platforms (e.g., Salesforce, Reuters, etc.) Here are a few examples of the added security benefits you’ll receive:

  • Mobile Device Management (MDM): MDM adds PC management, mobile app management, secure content viewers, certificate provisioning, compliance policies, conditional access and much more on top of baseline Office 365 features.
  • Extended MFA: Just as users must provide additional security credentials when accessing Office 365, multi-factor authentication also extends to other SaaS apps.
  • Information Protection: With EMS, you get protection for on-prem Windows Server file shares, email notifications when sharing documents, email notifications when shared documents are forwarded, Office integration, managed browser and more.

Make sure EMS works for your organization

Want to trial EMS before diving right in? AgileEMS is a production setup configured in your environment that provides the full EMS experience to admins and end users. You can see how EMS works in your workstation and effectively evaluate and plan for it once it’s applied to the entire organization. You’ll simply need 3 workstations, 2 non-PC devices and an existing Office 365 deployment to get stared.

For more information on AgileEMS, contact Agile IT today. To access the complete webinar, click here.

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Related Posts

Why Hire an MSP to Manage CUI Compliance

Why Hire an MSP to Manage CUI Compliance?

Discover how hiring an MSP to manage CUI compliance streamlines security, meets DFARS and NIST 800-171 requirements, and reduces internal IT burden.

Aug 23, 2025
9 min read
What is FAR CUI and How Does It Affect Contractors?

The FAR CUI: What It Means for Contractors and How to Stay Compliant

Learn about the FAR CUI, its security requirements, and how it impacts federal contractors. Understand the key compliance measures and steps to align with Federal Acquisition Regulation (FAR) guidelines.

Aug 22, 2025
8 min read
What Is Cloud Backup for Microsoft 365 and Azure?

What Is Cloud Backup for Microsoft 365 and Azure?

Learn what cloud backup means for Microsoft 365 and Azure, why native retention isn't enough, and how secure backups protect your critical data.

Aug 21, 2025
6 min read
What Are the Requirements for FAR CUI Compliance?

Understanding the Requirements for FAR CUI Compliance

Learn the best security practices for Azure migration. Protect data, ensure compliance, and minimize risks with Azure security tools and strategies.

Aug 20, 2025
6 min read
GCC High Migration Project Timeline & Phases

Timeline and Phases of a GCC High Migration Project

Discover the timeline and core phases of a successful GCC High migration project—from planning and validation to execution and post-migration governance.

Aug 15, 2025
7 min read
Ensuring Security During Azure Migration

Ensuring Security During Azure Migration

Learn the best security practices for Azure migration. Protect data, ensure compliance, and minimize risks with Azure security tools and strategies.

Aug 14, 2025
6 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don't want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

Secure. Defend. Thrive.

Don't want to wait for us to get back to you?

Discover more about Agile IT's range of services by reaching out

Schedule a Free Consultation