Wat is Azure Active Directory Premium?

Azure Active Directory (Azure AD) helpt je gebruikersidentiteiten te beheren en een op informatie gebaseerd toegangsbeleid te maken om jouw organisatie te beveiligen. Met Azure AD wordt het beheer van identiteiten en toegang gecentraliseerd om zeer goede beveiliging, productiviteit en beheer voor alle apparaten, gegevens, apps en infrastructuur mogelijk te maken. Azure AD is ontwikkeld voor gebruik van apps in de cloud, op mobiele apparaten of on-premises en je kunt lagen met beveiligingsfuncties, zoals voorwaardelijke toegang, toevoegen om je gebruikers en organisatie te beschermen.

Wat is Microsoft Intune?

Maak veilige mobiele productiviteit mogelijk binnen een BYOD omgeving met ijzersterk Mobile Device & Application Management (MDM & MAM). Configureer en beheer PC-installaties vanop afstand en laat werknemers extra veilig werken met hun favoriete apparaten en apps. Stel een gedetailleerd app-beleid in voor controle op datatoegang en -gebruik met behoud van de vertrouwde Office-gebruikerservaring zonder dat gebruikers hun apparaten of privacy uit handen moeten geven. Daarnaast biedt Intune ook ‘conditional access’ waarmee de toegang al dan niet ontzegd kan worden afhankelijk van locatie, gedrag, rechten, apparaat…

Wat is Azure Information Protection?

Gevoelige data kan snel de ronde gaan. Azure Information Protection tracht hier een stokje voor te steken door gebruik te maken van Azure Rights Management. Voortaan bepalen uw identiteit, encryptie en authorisatiepolicies of je al dan niet een document of mail mag doorsturen, bewerken, kopiëren, afdrukken… Werknemers kunnen (al dan niet geautomatiseerd) documenten en emails eenvoudig beschermen door er ‘labels’ aan toe te wijzen. Zo’n label bevat een set van regels die de beveiligingsinstellingen op een bepaald niveau brengen. Admins kunnen deze regels of voorwaarden bij eindgebruikers afdwingen of aanraden gebaseerd op de inhoud van het document (wanneer bv. een kredietkaart nummer gedetecteerd werd).

Wat is Advanced Threat Analytics (ATP)?

De meeste hacks worden pas na 146(!) dagen ontdekt. Genoeg tijd om alle IP en gevoelige data weg te roven. Beperk het risico en krijg alle informatie die je nodig heeft in een realtime ‘aanvalstijdlijn’ met Advanced Threat Analytics. Alle kennis en inzichten van Microsoft is ingebouwd om normaal en verdacht gedrag van gebruikers of apparaten te leren kennen, te analyseren en te identificeren. Zelflerende en geavanceerde AI leert je organisatie en werknemers kennen waardoor het aantal false-positives tot een absoluut minimum wordt herleid. Je hoeft geen regels te maken of te verfijnen, of een stortvloed van beveiligingsrapporten in de gaten te houden. Vertrouw op altijd-actuele algoritmes die zich aanpassen aan de veranderingen in gebruikers en je bedrijf.

Wat is Cloud App Security? (E5)

Microsoft Cloud App Security komt enkel in de E5 formule van Microsoft EMS. Het is een Cloud Access Security Broker (CASB) die je zicht geeft op het gebruik van cloud-apps en -services waardoor al gauw veel ‘schaduw IT’ aan het licht komt. (niet-goedgekeurde soft- en hardware die buiten de IT afdeling valt). Het biedt geavanceerde analytics om cyberdreigingen te voorkomen en geeft je de mogelijkheid om zelf te bepalen hoe jouw data wordt benaderd en verstuurd. Beheer en beperk voortaan toegang op basis van sessiecontext zoals identiteit, apparaat en locatie en detecteer abnormaal gedrag onmiddellijk.

Wat is Azure Advanced Threat Protection? (E5)

Met deze clouddienst kan je de meest geavanceerde, complexe hybride omgevingen tegen gelaagde cyberaanvallen beschermen en de status monitoren met een eenvoudig dashboard. Geavanceerde netwerkanalyse scant op gekende en nieuwe kwetsbaarheden over de ganse lijn, zoals in protocols of ongewone benaderingen of manipulatie van gevoelige accounts en privileges. Daarnaast worden meerdere security-databronnen samengebracht zoals SIEM Integration, Windows Event Forwarding, Windows Event Collector, RADIUS Accounting van VPNs… Zo worden zelfs de meest geavanceerde dreigingen als ‘Reconnaissance’, ‘Lateral movement cycles’ en ‘Domain Dominance’ meteen in de kiem gesmoord.

VanRoey.be » The Digital Workplace » Microsoft 365 » Microsoft Enterprise Mobility & Security Suite

Microsoft Enterprise Mobility & Security Suite

TAKE YOUR SECURITY TO THE NEXT LEVEL WITHOUT SACRIFICING MOBILITY.

An employee must be able to work securely from anywhere and on any device, which poses major challenges and risks in terms of both management and security. Microsoft EMS:

is a collection of advanced management tools.
includes intelligent cloud security solutions
Gives employees one central identity
makes it easier for people to share and secure documents

A centralised identity for everyone

single identity

One common identity per user gives access to the on-premises Active Directory and cloud-based Azure Active Directory.

Single Sign On

Experience the convenience of 'single sign-on' for almost all applications within your organization, not only for Microsoft Office 365 apps, but also for thousands of other popular SaaS apps.

External employees

Specific users outside your organisation (partners, external team members...) can also be subject to policies and be given access to work better together and share data.

Always on all devices

Work securely from any device - your favorite smartphone, tablet, Mac, or PC - from anywhere, whether the device is owned by the company, the employee (BYOD), or remotely managed.

Innovative total security

Intelligent security

With a huge amount of Microsoft security research data, take advantage of machine learning and A.I. that detects abnormalities in activity and instantly prevents threats, both on-premise and in the cloud.

Everything under control

Reduce the area of attack by limiting the number of confidential accounts and regularly reviewing access rights.

Share & protect files

Enable secure file sharing internally/externally, allowing you to classify files, track their usage, and protect them anywhere. Don't allow sharing, copying, printing, and other actions, for example.

Easy access control

Protect your organization with single sign-on, Multi-Factor Authentication and conditional access based on user, location, device, security settings and / or applications, without affecting the authorized users.

Simplified, in-depth management

Easier to manage

Employees get a self-service portal where they can manage passwords or PINs and access to apps and groups. They can also invite external partners to collaborate in business apps, all without the help of IT.

1 portal

In one central location you can manage and consult everything, allowing you to manage all user identities, monitor updates on the status of the identity infrastructure, consult reports on user activities and audit logs.

Pre-configure users

Centrally configure all devices, policies and necessary certificates so users can easily access email, Wi-Fi, apps and their data. Their favorite devices are ready to use without having to set up much themselves.

App security

Enjoy comprehensive app security policies, such as the ability to restrict copy/paste and save as. You don't need a device rollout and can even enforce app policies on personal devices.

Want to know more about EMS? Click to ask your questions

EMS Workshop

A half-day introduction to the endless possibilities that EMS has to offer.

Get a better picture of how EMS makes your life as a system administrator easier and how it improves the security of the entire organization and all employees.

More info & registration

Free e-book

How does Microsoft EMS support your organization in its digital transformation? (PDF, 16 pages)

Free Download

Additional information about the integrated solutions:

What is Azure Active Directory Premium?

Azure Active Directory (Azure AD) helps you manage user identities and create information-based access policies to secure your organization. Azure AD centralizes identity and access management to enable high security, productivity, and management across all devices, data, apps, and infrastructure. Azure AD is designed to work with apps in the cloud, on mobile devices or on-premises, and you can add layers of security features, such as conditional access, to protect your users and organization.

What is Microsoft Intune?

Enable secure mobile productivity within a BYOD environment with rock-solid Mobile Device & Application Management (MDM & MAM). Remotely configure and manage PC installations and let employees work extra securely with their favorite devices and apps. Establish detailed app policies to control data access and usage while preserving the familiar Office user experience without sacrificing users' devices or privacy. In addition, Intune also offers 'conditional access' with which access may or may not be denied depending on location, behavior, rights, device...

What is Azure Information Protection?

Sensitive data can go around quickly. Azure Information Protection tries to stop this by using Azure Rights Management. From now on, your identity, encryption and authorization policies determine whether or not you can forward, edit, copy, print a document or e-mail... Employees can easily protect (automated or otherwise) documents and emails by assigning 'labels' to them. Such a label contains a set of rules that bring the security settings to a certain level. Admins can enforce or recommend these rules or conditions to end users based on the content of the document (e.g. when a credit card number has been detected).

What is Advanced Threat Analytics (ATP)?

Most hacks are only discovered after 146(!) days. Enough time to steal all IP and sensitive data. Limit the risk and get all the information you need in a real-time 'attack timeline' with Advanced Threat Analytics. All of Microsoft's knowledge and insights are built in to learn, analyze and identify normal and suspicious user or device behavior. Self-learning and advanced AI allows you to get to know your organization and employees, reducing the number of false positives to an absolute minimum. You don't have to make or refine rules, or monitor a flood of security reports. Rely on up-to-the-minute algorithms that adapt to changes in users and your business.

What is Cloud App Security? (E5)

Microsoft Cloud App Security only comes in the E5 formula of Microsoft EMS. It is a Cloud Access Security Broker (CASB) that gives you insight into the use of cloud apps and services, which quickly reveals a lot of 'shadow IT'. (unapproved soft- and hardware that falls outside the IT department). It provides advanced analytics to prevent cyber threats and allows you to control how your data is accessed and sent. Manage and restrict access based on session context such as identity, device and location and immediately detect abnormal behavior.

What is Azure Advanced Threat Protection (E5)

This cloud service allows you to protect the most advanced, complex hybrid environments from tiered cyber attacks and monitor status with a simple dashboard. Advanced network analysis scans for known and new vulnerabilities across the line, such as in protocols or unusual approaches or manipulation of sensitive accounts and privileges. In addition, multiple security data sources are brought together such as SIEM Integration, Windows Event Forwarding, Windows Event Collector, RADIUS Accounting of VPNs.... In this way, even the most advanced threats such as 'Reconnaissance', 'Lateral movement cycles' and 'Domain Dominance' are immediately nipped in the bud.

Getting started with Microsoft EMS?

Ask your question here or schedule an interview with our certified Microsoft Experts.

First name*

Surname*

E-mail address*

Organization*

Telephone*

Additional information or questions?

I agree with the privacy policy*

Newsletter subscription

I want to subscribe to the newsletter

E-book

Expand Office 365 management & security options with Microsoft EMS

This ebook briefly reviews all the advantages and possibilities that the Microsoft Enterprise Mobility & Security Suite offers on top of the traditional Office 365 environment.

Also Interesting

Microsoft Security Workshop

How do you prevent company data from being thrown to jail? Discover how identity, access & device management can help you.

E-book

An Office 365 Quick Course

Find out how to make the most of certain Office 365 apps in six critical areas of your business.

Whitepaper

Hiscox Cyber Readiness Report

Did you know that Belgium is one of the most (digitally) attacked countries in the world? This report shows where the weaknesses lie and offers a blueprint in best practices to arm yourself against the ever evolving cyber threats.

Whitepaper

The ‘what keeps you awake’ report

In 10 pages, a wealth of numerical data brings out the pain points that a Managed Security Awareness Training could prevent.

Microsoft Enterprise Mobility & Security Suite

A centralised identity for everyone

single identity

Single Sign On

External employees

Always on all devices

Innovative total security

Intelligent security

Everything under control

Share & protect files

Easy access control

Simplified, in-depth management

Easier to manage

1 portal

Pre-configure users

App security

EMS Workshop

Free e-book

OverviewEMS E3 vs EMS E5

Identity and access control

E3

E5

Simplified security and access control

Multi-Factor Authentication

Conditional access

Risk-based conditional access

Advanced security reporting

Privileged identity management

Windows Server Client Access License (CAL)

Managed mobile productivity

E3

E5

Mobile Device Management

Mobile application management

Advanced Microsoft Office 365 data protection

Integrated PC Management

Integrated on-premises management

Information Protection

E3

E5

Permanent data protection

Intelligent data classification and labelling

Tracking and withdrawal of documents

Encryption key management based on regulatory needs

Security based on identity

E3

E5

Microsoft Advanced Threat Analytics

Microsoft Cloud App Security

Azure Advanced Threat Protection