Microsoft Enterprise Mobility + Security (EMS)
With Microsoft Enterprise Mobility + Security (EMS) we continue to build on identity at the core of the solution to maximize your employees’ productivity while at the same time providing the necessary capabilities across security, management of devices and apps, and information protection to ensure that your critical company data is protected. Today we are expanding these capabilities even further with:
- Pass-through authentication with Azure Active Directory, available today in preview, enables secure single sign-on to cloud resources without requiring syncing of passwords to the cloud, or modification to existing on-premises network infrastructure.
- Microsoft Intune’s new Admin Console in Azure, rolling out in preview, makes setting up integrated security and management scenarios across EMS services even easier.
- Azure Information Protection updates that provide even greater flexibility and security for protecting data at the file level. These updates include support for more file types, integration with your on-premises encryption key network, and new options for creating classification and protection policies.
Here’s more on these new capabilities and how our customers will benefit from these innovations:
Pass-through authentication now in preview, lets users securely login to cloud resources by validating their password against their on-premises Active Directory more easily than ever. This feature allows customers that cannot or do not want to store passwords in the cloud (even encrypted ones) to onboard Azure Active Directory and Office 365 without having to modify their corporate network infrastructure and install products such as Active Directory Federation Services (AD FS) or similar third party federation solutions. Pass-through authentication is set up via the Azure AD Connect admin experience as the second option for authentication along with Password Sync and AD FS.
Additionally, with this new update, both “Pass-through authentication” and “Password Synchronization” authentication options will now provide seamless single sign-on to Azure AD connected applications from Windows devices.
The new Intune admin experience on Azure begins rolling out in public preview for new and test tenants. The new console, built in Azure, provides powerful and integrated management of core Microsoft Enterprise Mobility + Security (EMS) solutions, such as conditional access to corporate resources based on device, users or risk, allowing for set up and management of policies between Intune and Azure Active Directory. This new admin experience makes it easier than ever to protect tens of thousands of mobile devices.
Protecting data at the file level throughout its lifecycle, from creation to sharing to tracking and revocation, regardless of where it is stored or accessed, is a key priority for our customers and a unique part of the Microsoft Enterprise Mobility + Security (EMS) solution. Since the release of Azure Information Protection in October we have been listening to customer feedback and are releasing several new capabilities. Below are a few of the highlights:
- Give end users more focused classification and protection options with policies based on group membership.
- Support for more non-Office file types and bulk labelling of data at rest.
- Integrate protection with on-premises keys with Hold Your Own Key (HYOK).
Enterprise Mobility + Security Customer Stories
As more and more customers are choosing EMS, we wanted to share with you some examples of recent customers who have been deploying and using it successfully:
- Whole Foods is embracing identity-driven security with EMS to protect applications
- Avanade balances data security and employee privacy with EMS
Get started with your own Enterprise Mobility + Security deployment.