Microsoft Enterprise Mobility Suite (Part 1): Identity and Access Management in the Cloud


Identity and Access Management in the Cloud

From single sign-on to multi-factor authentication, here’s how Azure Active Directory Premium supports mobile security


Talk about an identity crisis. People live in a world today where the entry to just about everything is a username and a password. Keeping track of them is a headache. If you’re an IT administrator, you’ve come to dread the growing stream of complaints from users. “I forgot my password!” “The system won’t let me in!”


The solution is single sign-on (SSO) to multiple applications. It escalates to a necessity when companies grow faster than their IT resources. This is where you’ll find on-premise identity management technologies, such as Microsoft Active Directory Premium, hard at work.

We’re heading to the cloud


But things keep changing. Cloud-based SaaS applications are overtaking the traditional approach of device installations. Identity management on premise is insufficient for this—here’s why.


If all the applications in use by your company reside in your data center, Microsoft Active Directory is a solution for SSO. Each application connects to the local instance of Active Directory. Not everything lives with you anymore, though. Many applications are migrating to the cloud today. It’s a perfect recipe for an identity crisis.


SSO has to become cloud-based, too.

The SSO-lution


Microsoft wouldn’t be the technology leader it is today if it didn’t anticipate changing customer needs. Its Active Directory SSO solution is best in class. Azure Active Directory (AD) Premium delivers cloud-based SSO.


The core of how it operates is what makes Azure AD a perfect upgraded solution. An on-premise directory service is still essential. What changes is that your data center doesn’t have to connect to a growing number of external SaaS networks. It connects only to Azure AD. Azure AD acts as your cloud-based intermediary and makes the direct connections to all external SaaS applications.


The identity crisis is resolved. Little about the process changes. Your IT department remains in control. User identities still come from your data center’s directory service. The difference is that your users once again have access to both local and SaaS applications with a single sign-on. That’s something they may have already sacrificed in order to use cloud-based SaaS applications.


Azure AD currently provides SSO to more than 2,000 cloud applications including Office 365, Salesforce, Dropbox, Workday, and ServiceNow.

Less trouble, more satisfaction


It’s back to a single sign-on for users, and it reduces related troubleshooting for your IT administrators. Your cloud strategy is likely already a hybrid model, so Azure AD inserts itself with no disruption. Here are more benefits:

  • Self-service password reset to reduce help desk calls.
  • Multi-factor authentication options for greater security. This lets you require your users to provide a password and an additional piece of identity proof. Often it’s a code sent to their mobile phone.
  • Group-based provisioning and single sign-on for thousands of SaaS apps. It also lets you automatically add a user to SaaS applications when the new user is added to Azure AD.
  • Machine learning-driven security reports for visibility and threat management.
  • Robust sync capabilities across cloud and on-premise directories.
  • A tool for discovering which SaaS applications your employees are actually using.
  • Secure remote access to on-premise applications without using a virtual private network (VPN).

Part of a complete solution


Azure AD is part of the Microsoft Enterprise Mobility Suite. Putting it to work for you empowers your people to be productive on the devices they love. It makes BYOD a viable proposition while protecting your company’s assets.


The suite accomplishes this by moving on-premise services to the cloud. The result for your organization is a new direction that gives you security in the mobile-first, cloud-first world. Microsoft Enterprise Mobility Suite is tightly integrated, so you have a unified solution for:

  • Managed mobile productivity
  • End-to-end information protection
  • Identity-driven security


We’ll take an in-depth look at the mobile productivity and information protection aspects of EMS in future posts. Until then, you can contact MessageOps’ mobility experts for help creating or strengthening your mobile strategy.
