What is Microsoft Enterprise Mobility + Security (a.k.a. EMS)?
EMS is a Microsoft suite of services that helps businesses significantly boost their cybersecurity posture with Microsoft Intune, Azure Rights Management, Identity & Access Management, as well as Advanced Threat Protection Analytics. These services are designed to protect a company, its data, and employees by streamlining device management, providing cyber threat intelligence, and securing corporate information.
Intune is a product within the EMS suite that allows you to manage devices, be it a workstation, a mobile device, or an iPad. It allows you to push out applications to patch the device, to inventory a device, and to wipe the device. Those are some of the benefits under one single pane of glass. It's user-based: a user may have a workstation, a mobile device, and an iPad, and an agent is installed on each of those devices and assigned to the user. The user is then assigned a profile that defines what they can and cannot do, and applications are pushed out and containerized.
For a user who has their own laptop, there is a workspace on that laptop that is for corporate information, and Microsoft EMS can limit corporate information within that workspace itself. When that employee leaves the organization, that corporate workspace is pulled back, as is all the corporate data.
In addition to Intune and device management, there are enhanced security features in EMS. Some of them include self-service password resets that enable a user to reset their own password at any point in time, similar to what you do with your bank. In addition to that, there are identity services.
Identity services look at the user's behavior and where they're logging in from: are they logging in from a trusted IP address? Are they logging in from a geographically dispersed location? For example, did they log in 10 minutes ago in Boston, and then 20 minutes in LA? That is an impossibility, and events like these throw flags. In addition, the product itself looks at user names and passwords across the web to see if they've been compromised. These features help you take a proactive approach to your security.
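The two sign-in checks described above (trusted IP address and impossible travel), sketched as an added example; it is not from the original article and is not Microsoft's implementation. The sample sign-ins, the trusted address, the 900 km/h speed ceiling and the 50 km jitter threshold are all constructed assumptions.

```python
import math
from datetime import datetime

# Constructed sample sign-ins: (user, ISO time, latitude, longitude, source IP)
SIGNINS = [
    ("alice", "2024-05-01T09:00:00", 42.3601, -71.0589, "203.0.113.10"),   # Boston
    ("alice", "2024-05-01T09:10:00", 34.0522, -118.2437, "198.51.100.7"),  # LA, 10 min later
    ("bob", "2024-05-01T09:00:00", 42.3601, -71.0589, "203.0.113.10"),     # Boston
    ("bob", "2024-05-01T18:00:00", 34.0522, -118.2437, "198.51.100.7"),    # LA, 9 h later
    ("carol", "2024-05-01T09:00:00", 42.3601, -71.0589, "203.0.113.10"),   # Boston
    ("carol", "2024-05-01T09:05:00", 42.3601, -71.0589, "192.0.2.44"),     # Boston, new IP
]
TRUSTED_IPS = {"203.0.113.10"}  # assumption: the organization's known egress address
MAX_SPEED_KMH = 900.0           # assumption: about airliner cruising speed
MIN_DISTANCE_KM = 50.0          # assumption: ignore IP-geolocation jitter within a metro area


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two coordinates in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlmb = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))


def flag_signins(events, trusted_ips=TRUSTED_IPS):
    """Return (user, time, reason) flags for untrusted IPs and impossible travel."""
    flags, last_seen = [], {}
    for user, ts, lat, lon, ip in sorted(events, key=lambda e: (e[0], e[1])):
        when = datetime.fromisoformat(ts)
        if ip not in trusted_ips:
            flags.append((user, ts, "untrusted_ip"))
        if user in last_seen:
            prev_when, prev_lat, prev_lon = last_seen[user]
            km = haversine_km(prev_lat, prev_lon, lat, lon)
            hours = (when - prev_when).total_seconds() / 3600
            # Implied speed above the ceiling means one person cannot have made both sign-ins.
            if km > MIN_DISTANCE_KM and (hours == 0 or km / hours > MAX_SPEED_KMH):
                flags.append((user, ts, "impossible_travel"))
        last_seen[user] = (when, lat, lon)
    return flags


if __name__ == "__main__":
    for flag in flag_signins(SIGNINS):
        print(flag)
```

The 9-hour Boston-to-LA pair is only flagged for its unfamiliar address, which shows why the speed check matters: distance alone would misreport ordinary business travel.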
Lastly, multi-factor authentication is truly the standard today for authentication when logging on to services. Those services can be remote, or they can be internal. But by utilizing multi-factor authentication, you eliminate the risk of compromised usernames and passwords.
Advanced threat protection utilizes state-of-the-art technology to profile users with adaptive learning. Over a period of time, ATP learns the behavior of a user and recognizes when things change and when abnormalities appear. So for example, if a user does the same thing day in and day out, and then all of a sudden changes, it will alert an administrator to that change.
In addition, it also protects the user's identity, meaning it will check to see if a username or password has been compromised. If a username or password has been compromised, it will alert the administrator of that event and provide some forensic details. Basically, an auto log. So, how did the compromise happen? And once you have that information—you can remediate it, then take more proactive measures that protect the rest of the organization.
One of the drawbacks of EMS is that it does not support location services. Location services give the administrator the ability to determine where the device is at any point in time.
One other con of EMS is that, because it has so many components, it does take some knowledge to decide which to deploy. It is not a point-and-click solution, but once configured, it works seamlessly. Using EMS with products like Microsoft 365, SharePoint, and OneDrive will enable and empower your users to work any time, anywhere, on any device, while you still maintain control as an organization.