microsoft enterprise mobility suite launch presentation - atidan
TRANSCRIPT
Announcing Azure Enterprise Mobility Suite for SMB
Presented by: David J. RosenthalCEO, AtidanApril 13, 2015Microsoft Technology CenterNew York City
Agenda
• What PAINS does EMS solve for?
• Overview and Key Points
• Technical Components of EMS
• Next Steps & Q&A
What PAINs exist that EMS solves for?
Enterprise Mobility Suite (EMS) is Here from Atidan starting April 2015
Hybrid and Cloud Identity • Single sign-on across multiple SaaS applications• Self Service Password Reset & Group management• Security audit reports & Multi Factor Authentication• Watch the hybrid identity demo
Enabled via Azure Active Directory Premium:
Mobile Device Management• Mobile device settings management• Mobile app management• Selective wipe• Watch the mobile device management demo
Enabled via Microsoft Intune
Data Protection• Information protection• Connection to on-premises assets• Watch the information protection demo
Enabled via Azure Rights Management Service:
Device Management, Access Control, Information Protection
Cloud identity management
Why Microsoft?
Mobile device & app management
Information protection
Azure Active Directory Premium Microsoft Intune Azure Rights Management Service
Ping Identity
Okta
Centrify
Salesforce Identity AirWatch MobileIron
Good
KaseyaSymantec Seclore
FasooAdobe LiveCycle
EMS: One Vendor, One Contract, One SKU
Why Microsoft?
Other Options in the Market
EMS IT Manageability benefits for O365 customers
Cloud and hybrid identity management
Mobile device management
Information protection
Enterprise Mobility
Suite
RMS Protection via RMS for
O365
•Protection for content stored in
Office (on prem or O365)•Access to RMS SDK•Bring your own Key
RMS for O365 +
•Protection for on-premises
Windows Server file shares
Basic Mobile Device
Management via MDM for O365
•Device Settings Management
• Selective Wipe
•Built into O365 Mgmt Console
MDM for O365 +
•PC Management
•Mobile App Management (prevent
cut/copy/past/save as from
corporate apps to personal apps)
• Secure content viewers
•Certificate Provisioning
• System Center integration
Basic Identity Mgmt via Azure
AD for O365:
• Single Sign on for O365
•Basic Multifactor Authentication
(MFA) for O365
Azure AD for O365 +
• Single Sign on for all cloud apps
•Advanced MFA for all workloads
• Self Service group management
and password reset with write back
to on prem directory
•Advanced security reports
• FIM (Server + CAL)
A comprehensive identity and access management cloud solution.
It combines directory services, advanced identity governance, application access management and a rich standards-based platform for developers
It is available in 3 editions: free, Basic and Premium (Premium in EMS)
What is Azure Active Directory?
Identity as the control plane
Preintegrated SaaS apps in the application gallery
Mobile application management
PC managementMobile device management
Enterprise mobility management with Intune
Intune helps organizations provide their employees with access to corporate applications, data, and
resources from virtually anywhere on almost any device, while helping to keep corporate information secure.
User IT
Comprehensive lifecycle management
Enroll• Provide a self-service Company
Portal for users to enroll devices
• Deliver custom terms and
conditions at enrollment
• Bulk enroll devices using Apple
Configurator or service account
• Restrict access to Exchange
email if a device is not enrolled
Retire• Revoke access to corporate
resources
• Perform selective wipe
• Audit lost and stolen devices
Provision• Deploy certificates, email, VPN,
and WiFi profiles
• Deploy device security policy
settings
• Install mandatory apps
• Deploy app restriction policies
• Deploy data protection policies
Manage and Protect• Restrict access to corporate
resources if policies are violated
(e.g., jailbroken device)
• Protect corporate data by
restricting actions such as
copy/cut/paste/save outside of
managed app ecosystem
• Report on device and app
compliance
User IT
Company portal self-service experience
Consistent experience across:
Discover and install corporate apps
Manage devices and data
Ability to contact IT
Customizable terms and conditions
Mobile application management
Maximize mobile productivity and protect corporate
resources with Office mobile apps
Extend these capabilities to existing line-of-business
apps using the Intune app wrapper
Enable secure viewing of content using the Managed
Browser, PDF Viewer, AV Player, and Image Viewer apps
Managed apps
Personal appsPersonal apps
Managed apps
ITUser
Mobile application management
Personal apps
Managed apps
Maximize productivity while preventing leakage of company
data by restricting actions such as copy/cut/paste/save in
your managed app ecosystem
User
Personal apps
Selective wipe
Managed apps Company Portal
Are you sure you want to wipe
corporate data and applications
from the user’s device?
OK Cancel
Perform selective wipe via self-service company portal or admin console
Remove managed apps and data
Keep personal apps and data intact
ITIT
Category FeatureExchange ActiveSync
MDM for Office 365
IntuneStandalone
Intune + ConfigMgr
(Hybrid)
Devi
ce
config
ura
tio
n Inventory mobile devices that access corporate applications ● ● ● ●
Remote factory reset (full device wipe) ● ● ● ●
Mobile device configuration settings (PIN length, PIN required, lock time, etc.) ● ● ● ●
Self-service password reset (Office 365 cloud only users) ● ● ● ●
Off
ice 3
65
Provides reporting on devices that do not meet IT policy ● ● ●
Group-based policies and reporting (ability to use groups for targeted device configuration) ● ● ●
Root cert and jailbreak detection ● ● ●
Remove Office 365 app data from mobile devices while leaving personal data and apps intact (selective wipe) ● ● CY2015
Prevent access to corporate email and documents based upon device enrollment and compliance policies ● ● CY2015
Pre
miu
m
mo
bile
devi
ce &
ap
p m
anag
em
ent
Self-service Company Portal for users to enroll their own devices and install corporate apps ● ●
App deployment (Windows Phone, iOS, Android) ● ●
Deploy certificates, VPN profiles (including app-specific profiles), email profiles, and Wi-Fi profiles ● ◐ *
Prevent cut/copy/paste/save as of data from corporate apps to personal apps (mobile application management) ● CY2015
Secure content viewing via Managed browser, PDF viewer, Imager viewer, and AV player apps for Intune ● CY2015
Remote device lock via self-service Company Portal and via admin console ● ●
PC
M
anag
em
ent
Client PC management (e.g. Windows 8.1, inventory, antimalware, patch, policies, etc.) ● ●
PC software management ● ●
Comprehensive PC management (e.g. Windows Server/Linux/Mac OS X support, virtual desktop and power
management, custom reporting, etc.)●
OS deployment ●
Single management console for PCs, Windows Server/Linux/Mac OS X, and mobile devices ●
Intune Feature Comparison
* Deployment of VPN and email profiles for Android devices to be added in CY2015
Azure RMSMicrosoft’s Information Protection Solution
Addressing these common problems
Azure RMS is built on…
Multiple layers of data protection
ITUser
Enterprise
Mobility Suite
Identify and authorize user
Apply device policies
Apply application policies
Apply content policies
Active Directory Premium
Rights Management
Next Steps
Demonstration Video Recording
Special offer from Atidan for implementation and support
1-215-825-5045 x5001
• Review individual EMS solution demos• Watch the hybrid identity demo• Watch the mobile device management demo• Watch the information protection demo
Q&A