VanRoey.be » The Digital Workplace » Microsoft 365 » Microsoft Enterprise Mobility & Security Suite

Microsoft Enterprise Mobility & Security Suite

Q: What is Azure Active Directory Premium?

Azure Active Directory (Azure AD) helpt je gebruikersidentiteiten te beheren en een op informatie gebaseerd toegangsbeleid te maken om jouw organisatie te beveiligen. Met Azure AD wordt het beheer van identiteiten en toegang gecentraliseerd om zeer goede beveiliging, productiviteit en beheer voor alle apparaten, gegevens, apps en infrastructuur mogelijk te maken. Azure AD is ontwikkeld voor gebruik van apps in de cloud, op mobiele apparaten of on-premises en je kunt lagen met beveiligingsfuncties, zoals voorwaardelijke toegang, toevoegen om je gebruikers en organisatie te beschermen.

Q: What is Azure Information Protection?

Gevoelige data kan snel de ronde gaan. Azure Information Protection tracht hier een stokje voor te steken door gebruik te maken van Azure Rights Management. Voortaan bepalen uw identiteit, encryptie en authorisatiepolicies of je al dan niet een document of mail mag doorsturen, bewerken, kopiëren, afdrukken… Werknemers kunnen (al dan niet geautomatiseerd) documenten en emails eenvoudig beschermen door er ‘labels’ aan toe te wijzen. Zo’n label bevat een set van regels die de beveiligingsinstellingen op een bepaald niveau brengen. Admins kunnen deze regels of voorwaarden bij eindgebruikers afdwingen of aanraden gebaseerd op de inhoud van het document (wanneer bv. een kredietkaart nummer gedetecteerd werd).

Q: What is Advanced Threat Analytics (ATP)?

De meeste hacks worden pas na 146(!) dagen ontdekt. Genoeg tijd om alle IP en gevoelige data weg te roven. Beperk het risico en krijg alle informatie die je nodig heeft in een realtime ‘aanvalstijdlijn’ met Advanced Threat Analytics. Alle kennis en inzichten van Microsoft is ingebouwd om normaal en verdacht gedrag van gebruikers of apparaten te leren kennen, te analyseren en te identificeren. Zelflerende en geavanceerde AI leert je organisatie en werknemers kennen waardoor het aantal false-positives tot een absoluut minimum wordt herleid. Je hoeft geen regels te maken of te verfijnen, of een stortvloed van beveiligingsrapporten in de gaten te houden. Vertrouw op altijd-actuele algoritmes die zich aanpassen aan de veranderingen in gebruikers en je bedrijf.

Q: What is Cloud App Security? (E5)

Microsoft Cloud App Security komt enkel in de E5 formule van Microsoft EMS. Het is een Cloud Access Security Broker (CASB) die je zicht geeft op het gebruik van cloud-apps en -services waardoor al gauw veel ‘schaduw IT’ aan het licht komt. (niet-goedgekeurde soft- en hardware die buiten de IT afdeling valt). Het biedt geavanceerde analytics om cyberdreigingen te voorkomen en geeft je de mogelijkheid om zelf te bepalen hoe jouw data wordt benaderd en verstuurd. Beheer en beperk voortaan toegang op basis van sessiecontext zoals identiteit, apparaat en locatie en detecteer abnormaal gedrag onmiddellijk.

Q: What is Azure Advanced Threat Protection (E5)

Met deze clouddienst kan je de meest geavanceerde, complexe hybride omgevingen tegen gelaagde cyberaanvallen beschermen en de status monitoren met een eenvoudig dashboard. Geavanceerde netwerkanalyse scant op gekende en nieuwe kwetsbaarheden over de ganse lijn, zoals in protocols of ongewone benaderingen of manipulatie van gevoelige accounts en privileges. Daarnaast worden meerdere security-databronnen samengebracht zoals SIEM Integration, Windows Event Forwarding, Windows Event Collector, RADIUS Accounting van VPNs… Zo worden zelfs de meest geavanceerde dreigingen als ‘Reconnaissance’, ‘Lateral movement cycles’ en ‘Domain Dominance’ meteen in de kiem gesmoord.

TAKE YOUR SECURITY TO A HIGHER LEVEL WITHOUT LIMITING MOBILITY with Microsoft Security

An employee must be able to work securely from anywhere and on any device, which poses major challenges and risks in terms of both management and security. Microsoft EMS:

is a collection of advanced management tools.
includes intelligent cloud security solutions
Gives employees one central identity
makes it easier for people to share and secure documents
Secure & manage mobile devices with Intune, MDM & MAM...

centralized identity for all

Accordion #1

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

One Identity

One common identity per user gives access to the on-premises Active Directory and cloud-based Azure Active Directory.

Single Sign On

Experience the convenience of 'single sign-on' for almost all applications within your organization, not only for Microsoft Office 365 apps, but also for thousands of other popular SaaS apps.

External employees

Specific users outside your organisation (partners, external team members...) can also be subject to policies and be given access to work better together and share data.

Always on all devices

Work securely from any device - your favorite smartphone, tablet, Mac, or PC - from anywhere, whether the device is owned by the company, the employee (BYOD), or remotely managed.

Innovative total security

Accordion #1

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Intelligent security

With a huge amount of Microsoft security research data, take advantage of machine learning and A.I. that detects abnormalities in activity and instantly prevents threats, both on-premise and in the cloud.

Everything under control

Reduce the area of attack by limiting the number of confidential accounts and regularly reviewing access rights.

Share & protect files

Enable secure file sharing internally/externally, allowing you to classify files, track their usage, and protect them anywhere. Don't allow sharing, copying, printing, and other actions, for example.

Easy access control

Protect your organization with single sign-on, Multi-Factor Authentication and conditional access based on user, location, device, security settings and / or applications, without affecting the authorized users.

Simplified, in-depth management

Accordion #1

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Easier to manage

Employees get a self-service portal where they can manage passwords or PINs and access to apps and groups. They can also invite external partners to collaborate in business apps, all without the help of IT.

1 Portal

In one central location you can manage and consult everything, allowing you to manage all user identities, monitor updates on the status of the identity infrastructure, consult reports on user activities and audit logs.

Pre-configure users

Centrally configure all devices, policies and necessary certificates so users can easily access email, Wi-Fi, apps and their data. Their favorite devices are ready to use without having to set up much themselves.

App security

Enjoy comprehensive app security policies, such as the ability to restrict copy/paste and save as. You don't need a device rollout and can even enforce app policies on personal devices.

Want to know more about EMS? Click to ask your questions

Additional information about the integrated solutions:

What is Azure Active Directory Premium?

Azure Active Directory (Azure AD) helps you manage user identities and create information-based access policies to secure your organization. Azure AD centralizes identity and access management to enable high security, productivity, and management across all devices, data, apps, and infrastructure. Azure AD is designed to work with apps in the cloud, on mobile devices or on-premises, and you can add layers of security features, such as conditional access, to protect your users and organization.

What is Microsoft Intune?

Enable secure mobile productivity within a BYOD environment with rock-solid Mobile Device & Application Management (MDM & MAM). Remotely configure and manage PC installations and let employees work extra securely with their favorite devices and apps. Establish detailed app policies to control data access and usage while preserving the familiar Office user experience without sacrificing users' devices or privacy. In addition, Intune also offers 'conditional access' with which access may or may not be denied depending on location, behavior, rights, device...

What is Azure Information Protection?

Sensitive data can go around quickly. Azure Information Protection tries to stop this by using Azure Rights Management. From now on, your identity, encryption and authorization policies determine whether or not you can forward, edit, copy, print a document or e-mail... Employees can easily protect (automated or otherwise) documents and emails by assigning 'labels' to them. Such a label contains a set of rules that bring the security settings to a certain level. Admins can enforce or recommend these rules or conditions to end users based on the content of the document (e.g. when a credit card number has been detected).

What is Advanced Threat Analytics (ATP)?

Most hacks are only discovered after 146(!) days. Enough time to steal all IP and sensitive data. Limit the risk and get all the information you need in a real-time 'attack timeline' with Advanced Threat Analytics. All of Microsoft's knowledge and insights are built in to learn, analyze and identify normal and suspicious user or device behavior. Self-learning and advanced AI allows you to get to know your organization and employees, reducing the number of false positives to an absolute minimum. You don't have to make or refine rules, or monitor a flood of security reports. Rely on up-to-the-minute algorithms that adapt to changes in users and your business.

What is Cloud App Security? (E5)

Microsoft Cloud App Security only comes in the E5 formula of Microsoft EMS. It is a Cloud Access Security Broker (CASB) that gives you insight into the use of cloud apps and services, which quickly reveals a lot of 'shadow IT'. (unapproved soft- and hardware that falls outside the IT department). It provides advanced analytics to prevent cyber threats and allows you to control how your data is accessed and sent. Manage and restrict access based on session context such as identity, device and location and immediately detect abnormal behavior.

What is Azure Advanced Threat Protection (E5)

This cloud service allows you to protect the most advanced, complex hybrid environments from tiered cyber attacks and monitor status with a simple dashboard. Advanced network analysis scans for known and new vulnerabilities across the line, such as in protocols or unusual approaches or manipulation of sensitive accounts and privileges. In addition, multiple security data sources are brought together such as SIEM Integration, Windows Event Forwarding, Windows Event Collector, RADIUS Accounting of VPNs.... In this way, even the most advanced threats such as 'Reconnaissance', 'Lateral movement cycles' and 'Domain Dominance' are immediately nipped in the bud.

Getting started with Microsoft EMS?

Ask your question here or schedule an interview with our certified Microsoft Experts.

First name*

Surname*

E-mail address*

Organization*

Telephone*

Additional info or questions?

I agree with the privacy policy*

Newsletter subscription

I want to subscribe to the monthly newsletter

Want to know more about EMS? Click to ask your questions

Webinar

Microsoft Licenses: the forest for the trees

Open Value, Business Standard vs Business Premium, E3 vs E5, Office 365 vs Microsoft 365, ... Yves Kerwijn explains the licensing model of Microsoft.

Also Interesting

Microsoft Security Workshop

How do you prevent company data from being thrown to jail? Discover how identity, access & device management can help you.

Whitepaper

Hiscox Cyber Readiness Report

Did you know that Belgium is one of the most (digitally) attacked countries in the world? This report shows where the weaknesses lie and offers a blueprint in best practices to arm yourself against the ever evolving cyber threats.

Whitepaper

The ‘what keeps you awake’ report

In 10 pages, a wealth of numerical data brings out the pain points that a Managed Security Awareness Training could prevent.

Whitepaper

The Mobile Workplace

There's no such thing as 'the ready-made recipe' for the mobile workplace. Help your employees to be extra productive and flexible thanks to the right tools.

Microsoft Enterprise Mobility & Security Suite

centralized identity for all

Innovative total security

Simplified, in-depth management

Additional information about the integrated solutions:

Getting started with Microsoft EMS?

OverviewEMS E3 vs EMS E5

Identity and access control

E3

E5

Simplified security and access control

Multi-Factor Authentication

Conditional access

Risk-based conditional access

Advanced security reporting

Privileged identity management

Windows Server Client Access License (CAL)

Managed mobile productivity

E3

E5

Mobile Device Management (MDM/MAM)

Mobile application management

Advanced Microsoft Office 365 data protection

Integrated PC Management

Integrated on-premises management

Information Protection

E3

E5

Permanent data protection

Intelligent data classification and labelling

Tracking and withdrawal of documents

Encryption key management based on regulatory needs

Security based on identity

E3

E5

Microsoft Advanced Threat Analytics

Microsoft Cloud App Security

Azure Advanced Threat Protection

Microsoft Licenses: the forest for the trees

Also Interesting

Microsoft Security Workshop

Hiscox Cyber Readiness Report

The ‘what keeps you awake’ report

The Mobile Workplace

Customer Area

Overview
EMS E3 vs EMS E5