Enterprise Mobility Security (EMS) is a bundle of Microsoft products that will protect your organization’s data on all devices (phones, tablets, laptops) and allows selective and full remote wiping of data if the device is lost or stolen, and retain control for ensure security, Enterprise Mobility and Security solution also protects against viruses and malware across your organization.
Microsoft EMS Features
Azure Active
Directory
It is the
technology that manages the identities of all your users, also known as the
thing, that checks whether the credentials you wrote are correct or incorrect
after you click 'log in' to access an account or an app.
Microsoft Intune
allows your company
to finally have control over your company's data. With employees bringing their
own devices to work, from their smartphones to their own laptops, it's easy to
lose control over what is happening with your company data. Are employees saving
company files on their laptops? Would your employees keep their anti-malware up
to date? Intune fixes those types of
issues by setting company policies for rules on all devices housing your data.
Some things you can
do with Microsoft Intune:
- Manage the mobile devices and PCs your workforce uses to access company data.
- Manage the mobile apps your workforce uses.
- Protect your company information by helping to control the way your workforce accesses and shares it.
- Ensure devices and apps are compliant with company security requirements.
Azure Information
Protection
you can identity
which of your data is sensitive. Microsoft is smart in that it can detect
things like credit card numbers and social security numbers within a document.
Or you can create custom rules for how to identify sensitive information, so
you do not have to read every file you have. Once you have identified the
sensitive data, you can classify it by labeling it 'secret' or 'sensitive' or
one of the many out of the box labels Microsoft provides you. Then, you can
apply protection policies, such as not allowing an employee to copy and paste
from certain documents.
Microsoft Cloud App
Security
It is a Cloud
Access Security Broker (CASB) that operates on multiple clouds. It provides
rich visibility, control over data travel, and sophisticated analytics to
identify and combat cyberthreats across all your cloud services.
Microsoft Advanced
Threat Analytics
ATA is an
on-premises platform that helps protect your enterprise from multiple types of
advanced targeted cyber-attacks and insider threats, by
leveraging port mirroring from domain controllers and DNS servers and through
deploying the ATA Lightweight Gateway on top of your domain controller.
Azure Advanced
Threat Analytics
It helps to detect
and investigate advanced attacks and insider threats across on-premises, cloud,
and hybrid environments. Using Azure ATP, you can monitor your identity and
network traffic, and identify and track any malicious activities in your
environment. With its end-to-end investigation experience, you can use Azure
ATP to pivot between an entity’s behavior across the organization.
What is the
available Enterprise Mobility + Security offerings?
There are two tiers
of Enterprise Mobility + Security (EMS) called EMS E3 and EMS E5, which can be
bought in these ways:
- Enterprise Mobility + Security E3 includes Azure Active Directory Premium P1, Microsoft Intune, Azure Information Protection P1, Microsoft Advanced Threat Analytics, Azure Rights Management (part of Azure Information Protection).
- Enterprise Mobility + Security E5 includes all the capabilities of Enterprise Mobility + Security E3 plus Azure Active Directory Premium 2 (AADP2), Azure Information Protection P2, Microsoft Cloud App Security, Azure Advanced Threat Protection, Azure Active Directory [AD] Identity Protection (as a feature of AADP P2), Azure AD Privileged Identity Management (as a feature of AADP P2).
EMS E3 can be purchased as a standalone product (monthly/annually).
EMS E3 is included in the Microsoft 365 E3 bundle (monthly/annually).
EMS E5 can be purchased as a standalone product (monthly annually).
EMS E5 is included in the Microsoft 365 E5 bundle (month/annually).