Microsoft Enterprise Mobility Suite (EMS) is set of tools including Microsoft Intune, Azure AD and Azure RMS to help you manage your mobile devices to control the mobilityof your users and customers. But where do you start?
Trying new technology is hard, particularly in Enterprise Mobility. Microsoft is the exception. With Enterprise Mobility Suite (EMS) you are up and running and trying mobility management in just a few minutes if you’re doing it right!
Enterprise Mobility Suite is a kind of group of mobility tools. As the name suggests Microsoft’s new and improved offering is a suite of often leading components, that come together.
“Where do I start with these tools?”
You’ll be set up in about 5 steps.
- Get a 30 day trial for Office 365(see below)
- Get a 30 day trial for EMS suite
- Synchronize an on-premises AD to Azure AD
- Configure mobile device authorities most of the time with a certificate
- Enroll a device
- And there you are
Microsoft has one place for user accounts: Active Directory.
One of the big benefits of EMS is that it doesn’t harm your identity strategy. You need Active Directory and with Enterprise Mobility Suite Microsoft safely extend your on-prem AD DS to the modern architecture of Azure AD (you don’t need an on-prem AD as the solution is cloud stand-alone too).
The idea, of extending your on-prem AD to the internet, might sound daunting, but it really is a good idea. Because you are able to use your identities on lots of more places.
Office 365, Microsoft Intune and ANY apps you want can share your Azure AD. lots are built-in, out of the box (like Salesforce, Facebook, Box and Nomadesk)!
Manage Devices and Apps with Microsoft Intune
If identity is the fundamental of enterprise mobility management then device management is the first floor and application management is the second floor. Mobility management technology has evolved to deal with the newer challenges that mobility in today’s world faces.
You probably know of MDM – Mobile Device Management. MDM manages things like remote wipe, applying company policy I suppose an old school admin would see MDM as the Group Policy of the modern device world.
This type is the need to control what you need on a device. It’s an essential layer in today’s world. If you use Office 365 and or Azure, you want Microsoft Intune, no matter what device platform (Windows, iOS, Android).
Protecting Data with Azure Rights Management
Azure RMS will protect your data and only allow the people intended to have access to it under the right conditions. Protection has become much more important and easier to deliver.
Example: You install a Azure RMS Connector servers on-prem and your Exchange, SharePoint, and File Servers can be protected by Azure RMS. Besides that you can bring your own key and Azure will store your keys in a safe vault.
The Power of Tools
With the above you can do some amazing things. You can protect all your data on your OneDrive with RMS and allow enrolled devices with MDM (Intune) to have access to the information where you have access to from any device.
In some situations EMS can help you out in the most worst case scenarios:
- The user loses their device: You know that RMS protects the data at rest, even if you can’t remote wipe it.
- The user leaves the company: You can remove the apps and the data that the user was accessing and know they have no access to further data.
- The user sells their device without wiping it: You can block the devices access while leaving their access intact.
Quick Start trials
- Do you have an Office 365 trial? If not get one. If you do, make sure it’s still valid and then return to click Sign in.
- Go get an Azure trial, or if you already have one you can just use that.
- Now go get a Microsoft EMS Trial, be sure to click the Sign in button and be signed in with your Office 365 trial. You can add EMS to your free Office365 Subscription.