Enterprise Mobility Security (EMS) is a bundle of Microsoft products that will protect your organization’s data on all devices (phones, tablets, laptops) and allows selective and full remote wiping of data if the device is lost or stolen, and retain control for ensure security, Enterprise Mobility and Security solution also protects against viruses and malware across your organization.
Microsoft EMS Features
Azure Active Directory
It is the technology that manages the identities of all your users, also known as the thing, that checks whether the credentials you wrote are correct or incorrect after you click 'log in' to access an account or an app.
allows your company to finally have control over your company's data. With employees bringing their own devices to work, from their smartphones to their own laptops, it's easy to lose control over what is happening with your company data. Are employees saving company files on their laptops? Would your employees keep their anti-malware up to date? Intune fixes those types of issues by setting company policies for rules on all devices housing your data.
Some things you can do with Microsoft Intune:
- Manage the mobile devices and PCs your workforce uses to access company data.
- Manage the mobile apps your workforce uses.
- Protect your company information by helping to control the way your workforce accesses and shares it.
- Ensure devices and apps are compliant with company security requirements.
Azure Information Protection
you can identity which of your data is sensitive. Microsoft is smart in that it can detect things like credit card numbers and social security numbers within a document. Or you can create custom rules for how to identify sensitive information, so you do not have to read every file you have. Once you have identified the sensitive data, you can classify it by labeling it 'secret' or 'sensitive' or one of the many out of the box labels Microsoft provides you. Then, you can apply protection policies, such as not allowing an employee to copy and paste from certain documents.
Microsoft Cloud App Security
It is a Cloud Access Security Broker (CASB) that operates on multiple clouds. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your cloud services.
Microsoft Advanced Threat Analytics
ATA is an on-premises platform that helps protect your enterprise from multiple types of advanced targeted cyber-attacks and insider threats, by leveraging port mirroring from domain controllers and DNS servers and through deploying the ATA Lightweight Gateway on top of your domain controller.
Azure Advanced Threat Analytics
It helps to detect and investigate advanced attacks and insider threats across on-premises, cloud, and hybrid environments. Using Azure ATP, you can monitor your identity and network traffic, and identify and track any malicious activities in your environment. With its end-to-end investigation experience, you can use Azure ATP to pivot between an entity’s behavior across the organization.
What is the available Enterprise Mobility + Security offerings?
There are two tiers of Enterprise Mobility + Security (EMS) called EMS E3 and EMS E5, which can be bought in these ways:
- Enterprise Mobility + Security E3 includes Azure Active Directory Premium P1, Microsoft Intune, Azure Information Protection P1, Microsoft Advanced Threat Analytics, Azure Rights Management (part of Azure Information Protection).
- Enterprise Mobility + Security E5 includes all the capabilities of Enterprise Mobility + Security E3 plus Azure Active Directory Premium 2 (AADP2), Azure Information Protection P2, Microsoft Cloud App Security, Azure Advanced Threat Protection, Azure Active Directory [AD] Identity Protection (as a feature of AADP P2), Azure AD Privileged Identity Management (as a feature of AADP P2).
EMS E3 can be purchased as a standalone product (monthly/annually).
EMS E3 is included in the Microsoft 365 E3 bundle (monthly/annually).
EMS E5 can be purchased as a standalone product (monthly annually).
EMS E5 is included in the Microsoft 365 E5 bundle (month/annually).