Hybrid Identity and Access Management
Microsoft Azure AD Premium delivers robust identity and access management from the cloud, in sync with your existing on-premises deployments:
- Single sign-on capabilities to thousands of Software as a Service (SaaS) applications including apps such as Office 365, Salesforce, Box.com, Facebook and more
- Web-based self-service password reset, integrated with Office 365
- Web-based self-service group management, including group expiration settings
- Machine learning driven security reports to show login anomalies and other threats
- Multi-factor authentication to reduce risk and support compliance requirements including conditional access to limit user interruption
- Risk-based conditional access provides another level of protection while it interactively evaluates the risk of the sign in and can take action
- Privileged Identity Management – Limits the attack footprint by providing on-demand admin access and reporting on that access
Mobile Device and Application Management
Microsoft Intune provides mobile device management, mobile application management, and PC management capabilities from the cloud:
- Protect data with mobile application policies. These determine what a user can and cannot do with the data on their device
- Deliver mobile device and application management across popular platforms: Windows, Windows Phone, iOS, and Android
- Maximize productivity with Intune-managed Office mobile apps and extend mobile application management to line-of-business apps with the Intune app wrapper
- Provide access to corporate resources on devices based upon enrollment and compliance policies
- Simplify administration via a single management console in the cloud with Intune or on-premises through integration with the included licensing for System Center Configuration Manager - the user license for SCCM is included with Intune!
Microsoft Azure AD Premium and Azure Rights Management can help protect your corporate assets:
- Encrypt files and protect them by applying policies that tie back to your Azure AD identity
- Restrict the ability to forward individual files or even copy and paste information from protected documents
- Audit and monitor access to protected files – even those that leave your organization’s boundaries
- Tight integration with Office applications, Office 365 and on-premise Exchange, and SharePoint
- Simple and easy to deploy with all the scalability that comes with a cloud solution
- Intelligent data classification allows policies to automatically classify and label data based on sensitivity
Microsoft Advanced Threat Analytics, Cloud App Security and Advanced Threat Protection adds a critical layer of security to protect your data:
- Helps protect against malicious attacks, abnormal behavior, security issues, and risks on-premises and in the cloud
- Detect suspicious activities and malicious attacks with behavioral analytics
- Gain visibility, control and protection for cloud-based apps
- Have Microsoft host the intrusion detection software in Azure included in the price
EMS is not just security; it includes other licensing in the bundle.
- Windows Client Access License (CAL) per user is included in the EMS license! No need to pay for this separately.
- System Center Configuration Manager Client Management License (CML) is also included in the EMS bundle. This covers the devices of the user. The management server is included. Licensing to manage other servers would be an additional charge.