Enterprise Mobility + Security
Why should Office365 customers consider EMS?
David J. Rosenthal, VP & GM, Digital Business Solutions
Razor Technology
Microsoft Briefing Center, NYC February 23, 2017
Extending Office 365 capabilities through EMS
Secure access: Single sign-on experience augmented by self-service capabilities.
Mobile management: Control how data within Office Mobile apps (and other apps) is shared.
Advanced security: Protect against identity breaches that can result in data loss.
Secure access
Conditions: Device state, Location (IP range), User group, Risk
Actions:
• Allow
• Enforce MFA
• Remediate
• Block access
• Wipe device
[Diagram labels: User, MFA, Microsoft Azure, On-premises applications]
Ensure the right people have access to apps and files under the right conditions.
Enable compliant users with easy access to all resources.
Adjust access policies in real time with machine learning.
Empower users with self-service options.
[Diagram labels: On-premises applications, Microsoft Azure]
Single sign-on to Office 365 and all other applications
EMS connects your workforce to 1000s of cloud and on-premises applications using one unified identity.
[Diagram labels: User, Single sign-on to all apps, On-premises applications, Microsoft Azure]
Microsoft Azure AD
2500+ popular SaaS apps
Connect and sync on-premises directories with Azure
Easily publish on-premises web apps via Application Proxy + Custom apps through a rich standards-based platform
[Diagram labels: Cloud HR, Web apps (Azure Active Directory Application Proxy), Integrated custom apps, SaaS apps, HR and other directories]
Risk-based conditional access automatically protects against suspicious logins and compromised credentials.
Gain insights from a consolidated view of machine learning based threat detection.
Risk severity calculation
Remediation recommendations
[Diagram labels: Machine-Learning Engine; Leaked credentials, Infected devices, Configuration vulnerabilities, Brute force attacks, Suspicious sign-in activities; Risk-based policies: MFA Challenge Risky Logins, Block attacks, Change bad credentials]
Enforce on-demand, just-in-time administrative access when needed.
Gain more visibility through alerts, audit reports, and access reviews.
[Diagram labels: Global Administrator, Billing Administrator, Exchange Administrator, User Administrator, Password Administrator]
Self-service capabilities in EMS include:
Account, apps and group management
Self-service password reset
Application access requests
Integrated Office 365 app launching
Mobile management
Protect Office Mobile app data with
• App encryption at rest
• App access control – PIN or credentials
• Save as/copy/paste restrictions
• App-level selective wipe
Extend protection to line of business and third-party apps
[Diagram labels: Personal apps, Corporate apps, MDM policies, MAM policies, MDM – optional (Intune or third party), Azure Rights Management, Microsoft Intune, Corporate data, Personal data, Multi-identity policy]
Protect with and without enrollment
Intune gives you the option to manage the data, without the need to manage the device. A great option for BYOD scenarios where your end users may be reluctant to enroll their personal devices.
[Classification labels: SECRET, CONFIDENTIAL, INTERNAL, NOT RESTRICTED]
EMS extends Office 365 manual protection of files with automatic protection to ensure policy compliance.
IT admin can set policies, templates, and rules.
Classifications, labels and encryption can be applied automatically based on file source, context, and content.
User can build on policies.
User can track file and revoke access if needed.
Track who accessed the data, when, and where
Revoke access in the case of unexpected sharing
[Map view labels: Sue, Bob, Jane, Competitors; Jane’s access is revoked; Bob accessed from South America; Jane accessed from India; Joe blocked in North America; Jane blocked in Africa]
Advanced security
Transition to cloud & mobility
New attack landscape
Current defenses not sufficient
[Diagram labels: Shadow IT, Data breach, Identity breach; Employees, Partners, Customers; Identity, Devices, Apps & Data; Cloud apps, On-premises apps, SaaS, Azure]
Microsoft Advanced Threat Analytics brings the behavioral analytics concept to IT and the organization’s users.
An on-premises platform to identify advanced security attacks and insider threats before they cause damage
Behavioral Analytics
Detection of advanced attacks and security risks
Advanced Threat Detection
Shadow IT
Sanctioned App Security
Visibility and control
Compliance and regulations
Integration with existing systems and workflows
Cloud security expertise
Cloud Discovery
Cloud App Security
Cross-SaaS solution
• Shadow IT discovery
• Advanced visibility, data control, and protection
• Threat detection and prevention
Office 365 Advanced Security Management
Enhanced visibility and control for Office 365
• Discovery for apps with similar functionality to Office 365
• App permissions and control
• Advanced security alerts
Enterprise Mobility + Security
Basic identity mgmt. via Azure AD for O365:
• Single sign-on for O365
• Basic multi-factor authentication (MFA) for O365
Basic mobile device management via MDM for O365
• Device settings management
• Selective wipe
• Built into O365 management console
RMS protection via RMS for O365
• Protection for content stored in Office (on-premises or O365)
• Access to RMS SDK
• Bring your own key
Advanced Security Management
• Insights into suspicious activity in Office 365
Azure Active Directory
• Risk based conditional access
• Advanced security reports
• Single sign-on for all apps
• Advanced MFA
• Dynamic Groups, Group based licensing assignment
• Privileged identity management
Identity and access management
Cloud App Security
• Visibility and control for all cloud apps
Advanced Threat Analytics
• Identify advanced threats in on-premises identities
Identity-driven security
Intune
• Mobile app management
• Users self-service management
• Certificate provisioning
• PC management
Azure Information Protection
• Automated intelligent classification and labeling of data
• Tracking and notifications for shared documents
• Protection for on-premises Windows Server file shares
Information protection
Managed mobile productivity
Capabilities and features - details
Directory as a service (no object limit) ● ●
User and group management ● ●
Single sign-on for pre-integrated SaaS and custom applications ● ●
Security/usage reports ● ●
Self-service password reset for cloud users ● ●
Company branding (logon pages/access panel customization) ● ●
Application proxy ● ●
SLA 99.9% ● ●
Self-Service Group and app Management/Self-Service application additions/ Dynamic Groups ● ●
Self-service password reset/change/unlock with write-back to on-premises directories ● ●
Multi-Factor Authentication (cloud and on-premises (MFA server)) ●
Limited cloud-only for Office 365 Apps ●
MDM auto-enrollment, Self-service BitLocker recovery, additional local administrators to Windows 10 devices via Azure AD Join, Enterprise State Roaming ● ●
Group-based access management/provisioning ●
MIM CAL + MIM Server*** ●
Cloud app discovery ●
Connect Health ●
Conditional Access based on group/location/device state ●
Identity Protection ●
Privileged Identity Management ●
Join a Windows 10 device to Azure AD, Desktop SSO, Microsoft Passport for Azure AD, Administrator BitLocker recovery ●
*Default usage quota is 150,000 objects. An object is an entry in the directory service, represented by its unique distinguished name. An example of an object is a user entry used for authentication purposes. If you need to exceed this default quota, please contact support. The 500K object limit does not apply for Office 365, Microsoft Intune, or any other Microsoft paid online service that relies on Azure Active Directory for directory services.
**With Azure AD Free and Azure AD Basic, end-users are entitled to get single sign-on access for up to 10 applications.
***Microsoft Identity Manager Server software rights are granted with Windows Server licenses (any edition). Since Microsoft Identity Manager runs on Windows Server OS, as long as the server is running a valid, licensed copy of Windows Server, then Microsoft Identity Manager can be installed and used on that server. No other separate license is required for Microsoft Identity Manager Server.
RMS for O365* Azure RMS (EMS)
Protection for Microsoft Exchange Online, Microsoft SharePoint Online, and Microsoft OneDrive for Business content ● ●
Bring Your Own Key (BYOK) for customer-managed key provisioning life cycle2 ● ●
Custom templates, including departmental templates ● ●
Protection for on-premises Exchange and SharePoint content via Rights Management Services (RMS) connector ● ●
RMS software developer kit for all platforms: Windows, Windows Mobile, iOS, Mac OSX, and Android ● ●
Protection for non-Microsoft Office file formats, including PTXT, PJPG, and PFILE (generic protection) ●** ●
RMS content consumption by using work or school accounts from RMS policy-aware apps and services ● ●
RMS content creation by using work or school accounts ●*** ●
Manual document classification and consumption of classified documents ● ●
Automated data classification and administrative support for automated rule sets ●
Hold Your Own Key (HYOK) that spans Azure RMS and Active Directory RMS for highly regulated scenarios ●
RMS connector with on-premises Windows Server file shares by using the File Classification Infrastructure (FCI) connector ●
Document tracking and revocation ●
*Some Office 365 subscriptions also include data protection using Microsoft Azure RMS. For information on those Office 365 subscriptions and the data protection capabilities they include, refer to Azure Information Protection licensing datasheet.
**Azure subscription required to use configured key for Bring Your Own Key (BYOK).
***Currently, you can also use this free subscription to help protect documents and create new email messages with enhanced protection. However, the ability to author new protected content is intended for trial use only and might be removed in the future.
Cloud-based management for iOS, Android, and Windows Phone. ● ● ●
Device configuration
Inventory mobile devices that access corporate applications ● ● ●
Remote factory reset (full device wipe) ● ● ●
Mobile device configuration settings (PIN length, PIN required, lock time, etc.) ● ● ●
Self-service password reset (Office 365 cloud only users) ● ● ●
Office365
Provides reporting on devices that do not meet IT policy ● ●
Group-based policies and reporting (ability to use groups for targeted device configuration) ● ●
Root cert and jailbreak detection ● ●
Remove Office 365 app data from mobile devices while leaving personal data and apps intact (Selective wipe) ● ●
Prevent access to corporate email and documents based upon device enrollment and compliance policies ● ●
Premium mobile device & app management
Self-service Company Portal for users to enroll their own devices and install corporate apps ●
Deploy certificates, VPN profiles (including app-specific profiles), and Wi-Fi profiles ●
Prevent cut/copy/paste/save as of data from corporate apps to personal apps (Mobile application management) ●
Secure content viewing via Managed browser, PDF viewer, Image viewer, and AV player apps for Intune ●
Remote device lock via self-service Company Portal and via admin console ●
Enroll and manage collections of corporate-owned devices, simplifying policy and app deployment. ●
Deploy your internal line-of-business apps and apps in stores to users. ●
Enable more secure web browsing using the Intune Managed Browser app ●
PC management
Cloud-based management for Mac OS X and Windows PCs. ●
PC management (e.g. inventory, antimalware, patch, policies, etc.) ●
OS deployment (via System Center ConfigMgr) ●
PC software management ●
Single management console for PCs and mobile devices (through integration with System Center ConfigMgr) ●
Contact us for additional information & deployment offers
David.Rosenthal@razor-tech.com

Microsoft EMS and Office 365 - Better Together

  • 1. Enterprise Mobility + Security Why should Office365 customers consider EMS? David J. Rosenthal, VP & GM, Digital Business Solutions Razor Technology Microsoft Briefing Center, NYC February 23, 2017
  • 2.
  • 3.
  • 4. Secure access Single sign-on experience augmented by self-service capabilities. Mobile management Control how data within Office Mobile apps (and other apps) is shared. Advanced security Protect against identity breaches that can result in data loss. Extending Office 365 capabilities through EMS
  • 6.
  • 7. Conditions Device state • Allow • Remediate • Block access • Wipe device Actions User MFA Microsoft Azure Location (IP range) User group Risk On-premises applications • Enforce MFA
  • 8. Ensure the right people have access to apps and files under the right conditions. On-premises applications Microsoft Azure Enable compliant users with easy access to all resources. Adjust access policies in real time with machine learning. Empower users with self-service options.
  • 9. EMS connects your workforce to 1000s of cloud and on-premises applications using one unified identity. Single sign-on to Office 365 and all other applications User SINGLE SIGN- ON TO ALL APPS On-premises applications Microsoft Azure
  • 10. Cloud HR Web apps (Azure Active Directory Application Proxy) Integrated custom apps SaaS apps HR and other directories 2500+ popular SaaS apps Connect and sync on-premises directories with Azure Easily publish on-premises web apps via Application Proxy + Custom apps through a rich standards-based platform Microsoft Azure AD
  • 11. Risk severity calculation Remediation recommendations Risk-based conditional access automatically protects against suspicious logins and compromised credentials. Gain insights from a consolidated view of machine learning based threat detection. Risk-based policies MFA Challenge Risky Logins Block attacks Change bad credentials Machine-Learning Engine Leaked credentials Infected devices Configuration vulnerabilities Brute force attacks Suspicious sign- in activities
  • 12. Enforce on-demand, just-in-time administrative access when needed. Gain more visibility through alerts, audit reports, and access reviews. Global Administrator Billing Administrator Exchange Administrator User Administrator Password Administrator
  • 13. Account, apps and group management Self-service password reset Application access requests Integrated Office 365 app launching Self-service capabilities in EMS include:
  • 15. Protect Office Mobile app data with • App encryption at rest • App access control – PIN or credentials • Save as/copy/paste restrictions • App-level selective wipe Extend protection to line of business and third-party apps Personal apps Corporate apps MDM policies MAM policies MDM – optional (Intune or third party) Azure Rights Management Microsoft Intune Corporate data Personal data Multi-identity policy
  • 16. Intune gives you the option to manage the data, without the need to manage the device. A great option for BYOD scenarios where your end users may be reluctant to enroll their personal devices. Protect with and without enrollment
  • 17. SECRET CONFIDENTIAL INTERNAL NOT RESTRICTED IT admin can set policies, templates, and rules. Classifications, labels and encryption can be applied automatically based on file source, context, and content. EMS extends Office 365 manual protection of files with automatic protection to ensure policy compliance. User can build on policies. User can track file and revoke access if needed.
  • 18. Revoke access in the case of unexpected sharing Track who accessed the data, when, and where Sue Bob Jane Jane Competitors Jane’s access is revoked Bob accessed from South America Jane accessed from India Joe blocked in North America Jane blocked in Africa Sue Map View
  • 20. Shadow IT Data breach Employees Partners Customers Cloud apps Identity Devices Apps & Data Transition to cloud & mobility New attack landscape Current defenses not sufficient Identity breach On-premises apps SaaS Azure
  • 21. Microsoft Advanced Threat Analytics brings the behavioral analytics concept to IT and the organization’s users. An on-premises platform to identify advanced security attacks and insider threats before they cause damage Behavioral Analytics Detection of advanced attacks and security risks Advanced Threat Detection
  • 22. Shadow IT Sanctioned App Security Visibility and control Compliance and regulations Integration with existing systems and workflows Cloud security expertise Cloud Discovery
  • 23. Cross-SaaS solution • Shadow IT discovery • Advanced visibility, data control, and protection • Threat detection and prevention Office 365 Advanced Security Management Enhanced visibility and control for Office 365 • Discovery for apps with similar functionality to Office 365 • App permissions and control • Advanced security alerts Cloud App Security
  • 24. Enterprise Mobility + Security Basic identity mgmt. via Azure AD for O365: • Single sign-on for O365 • Basic multi-factor authentication (MFA) for O365 Basic mobile device management via MDM for O365 • Device settings management • Selective wipe • Built into O365 management console RMS protection via RMS for O365 • Protection for content stored in Office (on-premises or O365) • Access to RMS SDK • Bring your own key Advanced Security Management • Insights into suspicious activity in Office 365 Azure Active Directory • Risk based conditional access • Advanced security reports • Single sign-on for all apps • Advanced MFA • Dynamic Groups, Group based licensing assignment • Privileged identity management Identity and access management Cloud App Security • Visibility and control for all cloud apps Advanced Threat Analytics • Identify advanced threats in on premises identities Identity-driven security Intune • Mobile app management • Users self-service management • Certificate provisioning • PC management Azure Information Protection • Automated intelligent classification and labeling of data • Tracking and notifications for shared documents • Protection for on-premises Windows Server file shares Information protection Managed mobile productivity
  • 26.
      • Directory as a service (no object limit) ● ●
      • User and group management ● ●
      • Single sign-on for pre-integrated SaaS and custom applications ● ●
      • Security/usage reports ● ●
      • Self-service password reset for cloud users ● ●
      • Company branding (logon pages/access panel customization) ● ●
      • Application proxy ● ●
      • SLA 99.9% ● ●
      • Self-Service Group and app Management/Self-Service application additions/Dynamic Groups ● ●
      • Self-service password reset/change/unlock with write-back to on-premises directories ● ●
      • Multi-Factor Authentication (cloud and on-premises (MFA server)) ● Limited cloud-only for Office 365 Apps ●
      • MDM auto-enrollment, Self-service BitLocker recovery, additional local administrators to Windows 10 devices via Azure AD Join, Enterprise State Roaming ● ●
      • Group-based access management/provisioning ●
      • MIM CAL + MIM Server*** ●
      • Cloud app discovery ●
      • Connect Health ●
      • Conditional Access based on group/location/device state ●
      • Identity Protection ●
      • Privileged Identity Management ●
      • Join a Windows 10 device to Azure AD, Desktop SSO, Microsoft Passport for Azure AD, Administrator BitLocker recovery ●

    *Default usage quota is 150,000 objects. An object is an entry in the directory service, represented by its unique distinguished name. An example of an object is a user entry used for authentication purposes. If you need to exceed this default quota, please contact support. The 500K object limit does not apply for Office 365, Microsoft Intune, or any other Microsoft paid online service that relies on Azure Active Directory for directory services.
    **With Azure AD Free and Azure AD Basic, end-users are entitled to get single sign-on access for up to 10 applications.
    ***Microsoft Identity Manager Server software rights are granted with Windows Server licenses (any edition). Since Microsoft Identity Manager runs on Windows Server OS, as long as the server is running a valid, licensed copy of Windows Server, then Microsoft Identity Manager can be installed and used on that server. No other separate license is required for Microsoft Identity Manager Server.
  • 27. RMS for O365* | Azure RMS (EMS)
      • Protection for Microsoft Exchange Online, Microsoft SharePoint Online, and Microsoft OneDrive for Business content ● ●
      • Bring Your Own Key (BYOK) for customer-managed key provisioning life cycle2 ● ●
      • Custom templates, including departmental templates ● ●
      • Protection for on-premises Exchange and SharePoint content via Rights Management Services (RMS) connector ● ●
      • RMS software developer kit for all platforms: Windows, Windows Mobile, iOS, Mac OSX, and Android ● ●
      • Protection for non-Microsoft Office file formats, including PTXT, PJPG, and PFILE (generic protection) ●** ●
      • RMS content consumption by using work or school accounts from RMS policy-aware apps and services ● ●
      • RMS content creation by using work or school accounts ●*** ●
      • Manual document classification and consumption of classified documents ● ●
      • Automated data classification and administrative support for automated rule sets ●
      • Hold Your Own Key (HYOK) that spans Azure RMS and Active Directory RMS for highly regulated scenarios ●
      • RMS connector with on-premises Windows Server file shares by using the File Classification Infrastructure (FCI) connector ●
      • Document tracking and revocation ●

    *Some Office 365 subscriptions also include data protection using Microsoft Azure RMS. For information on those Office 365 subscriptions and the data protection capabilities they include, refer to Azure Information Protection licensing datasheet.
    **Azure subscription required to use configured key for Bring Your Own Key (BYOK).
    ***Currently, you can also use this free subscription to help protect documents and create new email messages with enhanced protection. However, the ability to author new protected content is intended for trial use only and might be removed in the future.
  • 28.
      • Cloud-based management for iOS, Android, and Windows Phone. ● ● ●
    Device configuration
      • Inventory mobile devices that access corporate applications ● ● ●
      • Remote factory reset (full device wipe) ● ● ●
      • Mobile device configuration settings (PIN length, PIN required, lock time, etc.) ● ● ●
      • Self-service password reset (Office 365 cloud only users) ● ● ●
    Office365
      • Provides reporting on devices that do not meet IT policy ● ●
      • Group-based policies and reporting (ability to use groups for targeted device configuration) ● ●
      • Root cert and jailbreak detection ● ●
      • Remove Office 365 app data from mobile devices while leaving personal data and apps intact (Selective wipe) ● ●
      • Prevent access to corporate email and documents based upon device enrollment and compliance policies ● ●
    Premium mobile device & app management
      • Self-service Company Portal for users to enroll their own devices and install corporate apps ●
      • Deploy certificates, VPN profiles (including app-specific profiles), and Wi-Fi profiles ●
      • Prevent cut/copy/paste/save as of data from corporate apps to personal apps (Mobile application management) ●
      • Secure content viewing via Managed browser, PDF viewer, Image viewer, and AV player apps for Intune ●
      • Remote device lock via self-service Company Portal and via admin console ●
      • Enroll and manage collections of corporate-owned devices, simplifying policy and app deployment. ●
      • Deploy your internal line-of-business apps and apps in stores to users. ●
      • Enable more secure web browsing using the Intune Managed Browser app ●
    PC management
      • Cloud-based management for Mac OS X and Windows PCs. ●
      • PC management (e.g. inventory, antimalware, patch, policies, etc.) ●
      • OS deployment (via System Center ConfigMgr) ●
      • PC software management ●
      • Single management console for PCs and mobile devices (through integration with System Center ConfigMgr) ●
  • 29. Contact us for additional information & deployment offers David.Rosenthal@razor-tech.com