Header image overlay

Microsoft Enterprise Mobility & Security Suite


Play Video

An employee must be able to work securely from anywhere and on any device, which poses major challenges and risks in terms of both management and security. Microsoft EMS:

is a collection of advanced management tools.
includes intelligent cloud security solutions
Gives employees one central identity
makes it easier for people to share and secure documents
Secure & manage mobile devices with Intune, MDM & MAM...

Microsoft Gold Partner | VanRoey.be

centralized identity for all

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

One common identity per user gives access to the on-premises Active Directory and cloud-based Azure Active Directory.

Experience the convenience of 'single sign-on' for almost all applications within your organization, not only for Microsoft Office 365 apps, but also for thousands of other popular SaaS apps.

Specific users outside your organisation (partners, external team members...) can also be subject to policies and be given access to work better together and share data.

Work securely from any device - your favorite smartphone, tablet, Mac, or PC - from anywhere, whether the device is owned by the company, the employee (BYOD), or remotely managed.

Innovative total security

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

With a huge amount of Microsoft security research data, take advantage of machine learning and A.I. that detects abnormalities in activity and instantly prevents threats, both on-premise and in the cloud.

Reduce the area of attack by limiting the number of confidential accounts and regularly reviewing access rights.

Enable secure file sharing internally/externally, allowing you to classify files, track their usage, and protect them anywhere. Don't allow sharing, copying, printing, and other actions, for example.

Protect your organization with single sign-on, Multi-Factor Authentication and conditional access based on user, location, device, security settings and / or applications, without affecting the authorized users.

Simplified, in-depth management

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Employees get a self-service portal where they can manage passwords or PINs and access to apps and groups. They can also invite external partners to collaborate in business apps, all without the help of IT.

In one central location you can manage and consult everything, allowing you to manage all user identities, monitor updates on the status of the identity infrastructure, consult reports on user activities and audit logs.

Centrally configure all devices, policies and necessary certificates so users can easily access email, Wi-Fi, apps and their data. Their favorite devices are ready to use without having to set up much themselves.

Enjoy comprehensive app security policies, such as the ability to restrict copy/paste and save as. You don't need a device rollout and can even enforce app policies on personal devices.

Additional information about the integrated solutions:

Azure Active Directory (Azure AD) helps you manage user identities and create information-based access policies to secure your organization. Azure AD centralizes identity and access management to enable high security, productivity, and management across all devices, data, apps, and infrastructure. Azure AD is designed to work with apps in the cloud, on mobile devices or on-premises, and you can add layers of security features, such as conditional access, to protect your users and organization.

Enable secure mobile productivity within a BYOD environment with rock-solid Mobile Device & Application Management (MDM & MAM).

Remotely configure and manage PC deployments and let employees work extra securely with their favorite devices and apps. Set up a detailed app policy to control data access and use while maintaining the familiar Office user experience without users having to give up their devices or privacy.

In addition, Intune also offers conditional access, which can be denied or not, depending on location, behaviour, rights, device, etc. Read more about Intune at this page.

Sensitive data can go around quickly. Azure Information Protection tries to stop this by using Azure Rights Management. From now on, your identity, encryption and authorization policies determine whether or not you can forward, edit, copy, print a document or e-mail... Employees can easily protect (automated or otherwise) documents and emails by assigning 'labels' to them. Such a label contains a set of rules that bring the security settings to a certain level. Admins can enforce or recommend these rules or conditions to end users based on the content of the document (e.g. when a credit card number has been detected).
Most hacks are only discovered after 146(!) days. Enough time to steal all IP and sensitive data. Limit the risk and get all the information you need in a real-time 'attack timeline' with Advanced Threat Analytics. All of Microsoft's knowledge and insights are built in to learn, analyze and identify normal and suspicious user or device behavior. Self-learning and advanced AI allows you to get to know your organization and employees, reducing the number of false positives to an absolute minimum. You don't have to make or refine rules, or monitor a flood of security reports. Rely on up-to-the-minute algorithms that adapt to changes in users and your business.
Microsoft Cloud App Security only comes in the E5 formula of Microsoft EMS. It is a Cloud Access Security Broker (CASB) that gives you insight into the use of cloud apps and services, which quickly reveals a lot of 'shadow IT'. (unapproved soft- and hardware that falls outside the IT department). It provides advanced analytics to prevent cyber threats and allows you to control how your data is accessed and sent. Manage and restrict access based on session context such as identity, device and location and immediately detect abnormal behavior.
This cloud service allows you to protect the most advanced, complex hybrid environments from tiered cyber attacks and monitor status with a simple dashboard. Advanced network analysis scans for known and new vulnerabilities across the line, such as in protocols or unusual approaches or manipulation of sensitive accounts and privileges. In addition, multiple security data sources are brought together such as SIEM Integration, Windows Event Forwarding, Windows Event Collector, RADIUS Accounting of VPNs.... In this way, even the most advanced threats such as 'Reconnaissance', 'Lateral movement cycles' and 'Domain Dominance' are immediately nipped in the bud.
Microsoft Partnership | VanRoey.be

Getting started with Microsoft EMS?

Ask your question here or schedule an interview with our certified Microsoft Experts. 

vat no.*


Recently, VanRoey.be entered into a partnership with Scappman. A Belgian start-up for the automated installation & updating of third-party apps. Re-watch our webinar about Microsoft Intune here and discover the advantages of Scappman.

EMS E3 vs EMS E5

For your information: EMS can be purchased separately, but is also integrated in the inexpensive Microsoft 365 Enterprise bundlesalong with Office 365 Enterprise and Windows 10 Enterprise. 

It is not mandatory to put all users on the same formula.

Enterprise Mobility + Security


€ 9
per user per month, in a yearly subscription

Azure Active Directory Premium P1
Azure Information Protection P1
Advanced Threat Analytics

Enterprise Mobility + Security


€ 13,9
per user per month, in a yearly subscription

Azure Active Directory Premium P2
Azure Information Protection P2
Advanced Threat Analytics
Cloud App Security
Azure Advanced Threat Protection

Identity and access control



Simplified security and access control

Centralized management of single sign-on for your devices, your data center and the cloud.


Multi-Factor Authentication

Enhance login authentication with authentication options, including notifications for phone calls, text messages, or mobile apps, and use security checks to detect inconsistencies.


Conditional access

Set up contextual policies for user, location, device, and app level monitoring to grant, block, or investigate user access.


Risk-based conditional access

Secure apps and important data in real time with machine learning and the Microsoft Intelligent Security Graph that lets you block access in case of risk.


Advanced security reporting

Monitor suspicious activity with reporting, auditing and alerts and resolve potential security issues with targeted recommendations.


Privileged identity management

Provide timely, on-demand administrator access to online services with access-related reports and alerts.


Windows Server Client Access License (CAL)

Give each user access to server functions from multiple devices at a fixed price.


Managed mobile productivity



Mobile Device Management (MDM/MAM)

With Mobile Application Management (MAM) and Mobile Device Management (MDM), register corporate and personal devices so you can implement settings and compliance, and secure corporate data.


Mobile application management

Publish, configure and update mobile apps on registered and unregistered devices and secure or delete app-related corporate data.


Advanced Microsoft Office 365 data protection

Expand management and security capabilities for users, devices, apps, and data while continuing to deliver a comprehensive, productive end-user experience.


Integrated PC Management

Centrally manage PCs, laptops and mobile devices from a single management console with detailed hardware and software configuration reports.


Integrated on-premises management

Extend your on-premises management to the cloud with one console through the integration of Microsoft System Center Configuration Manager and Microsoft System Center Endpoint Protection for enhanced management of PCs, Macs, Unix/Linux servers and mobile devices.


Information Protection



Permanent data protection

Encrypts confidential data and sets up user rights for permanent security no matter where the data is stored or shared.


Intelligent data classification and labelling

Configure policies to automatically classify and label data based on confidentiality and then apply permanent security.


Tracking and withdrawal of documents

Monitor shared data activities and revoke access rights in the event of unexpected events.


Encryption key management based on regulatory needs

Choose standard key management options or implement and manage your own keys to comply with regulations.


Security based on identity



Microsoft Advanced Threat Analytics

Detect abnormal behavior within on-premises systems and identify advanced targeted attacks and threats from within before they lead to damage.


Microsoft Cloud App Security

Gain visibility, control, and protection over your cloud-based apps as well as identify threats, abnormal behavior, and other cloud security issues.


Azure Advanced Threat Protection

Track and investigate advanced attacks and suspicious behavior on-premises and in the cloud.

Discover in how Microsoft Intune in combination with the Belgian Scappman can take the installation and updating of software out of your hands.

Related info

Our Solutions


Our own Inspiration Centre in Geel provides the perfect setting to welcome you this autumn and take you into the latest trends within the IT world.

Attention: limited number of places!