Microsoft Enterprise Mobility + Security Suite

Lift your security to a higher level without sacrificing mobility

An employee is expected to be able to work from anywhere, from any device, and to consult your valuable data in the cloud and/or on-premise… This brings major challenges and risks both in management as well as security.

EMS is a collection of management and security tools. It includes intelligent security Solutions , allowing employees and external contacts to sign in, collaborate, share and secure documents more easily.

VanRoey.be | Microsoft Gold Partner

Discover all the benefitsDiscover our WorkshopsCompare EMS E3 and E5

Meer info en/of een offerte van Microsoft EMS?

Onze specialisten zullen u spoedig contacteren om de mogelijkheden met u te bespreken of een afspraak in te plannen.

Als u alvast een vraag heeft kan onze specialist zich hierop voorbereiden.

Gelieve onderstaande te vervolledigen. Wij zullen u het E-book onmiddellijk toesturen.

Benefits

Centralized identity

One identity

One common identity per user gives access to the on-premise Active Directory and Cloud-based Azure Active Directory.

Single Sign On

This results in the convenience of ‘ single Sign-on ‘ for almost all applications within your organization. Not only for Microsoft Office 365 apps, but also for thousands of other popular SaaS apps.

External employees

Also, specific users outside your organization (partners, external team members…) can be subject to policies and get access to collaborate better and share data.

Everywhere, all devices

Safely work from any location from any device: Your favorite smartphone, tablet, Mac or PC. Whether the device is owned by the company, the employee (BYOD) or is managed remotely.

Innovative Total Security

Intelligent security

Take advantage of the huge amount of Microsofts security research data, collected through machine-learning and A.I. , that detects activity changes and prevents threats immediately, both on-premise and in the cloud .

Under control

Reduce the attack area by limiting the number of confidential accounts and periodically evaluating access rights.

Share & Protect files

Make it possible to safely share files internally/externally , classify files, track their usage, and protectthem anywhere. For example, do not allow sharing, copying, printing, and other actions.

Conditional access

Protect your organization with single sign-on, Multi-Factor Authentication and conditional access based on user, location, device, security settings and/or applications. This does not bother the authorized users.

Simplified, in-depth management

Less, simpler management

Employees get a self-service Portal where they can manage their own passwords or pins and access to certain apps and groups. They can also invite external partners to collaborate in their own applications. All this without invoking the help of IT .

1 Portal

You can manage and consult everything through one central location . This allows you to manage all user identities, monitor updates on Identity infrastructure status, review user activity reports and audit logs

Preconfigure users

centrally configure all devices, policies , and certificatesto give users easy access to e-mail, Wi-Fi, apps, and other business resources. Their favorite devices are ready to use without having to go through a long set-up.

APP Security

Enjoy a comprehensive app security policy, such as the ability to restrict copy/paste and ‘save as’. You do not need device enrollment and can even enforce an app policy on personal devices.

Workshop

A half-day introduction to the endless possibilities that EMS has to offer.

get a better picture of how EMS makes your life easier as a system administrator and h ow it enhances the security of the entire organization and all employees.

Request a Workshop

Free E-Book

How does Microsoft EMS support your organization in its digital transformation? (PDF, 16 pages)

Download E-Book

Overview

Info: EMS can be purchased separately, but is also integrated into the cost-effective Microsoft 365 Enterprise Bundles, along with Office 365 Enterprise and Windows 10 enterprise. also: It is not required to put all profiles on the same bundle.

Ontdek Microsoft 365

Enterprise Mobility + Security

E3

€7.40 per user per month

Azure Active Directory Premium P1
Intune
Azure Information Protection P1
Advanced Threat Analytics

Enterprise Mobility + Security

E5

€14.60 per user per month

Azure Active Directory Premium P2
Intune
Azure Information Protection P2
Advanced Threat Analytics
Cloud App Security
Azure Advanced Threat Protection

Identity and access control

E3

E5

Simplified security and access control

Centralized management of single sign-on for your devices, your datacenter and the cloud.

Multi-Factor Authentication

Enhance login authentication with authentication options, including notifications for phone calls, text messages, or mobile apps, and use security auditing to detect inconsistencies.

Conditional Access

Set up policies for contextual control of user, location, device, and app levels to allow, block or investigate user-access,.

Risk-based conditional access

Secure apps and important data in real time with machine learning and the Microsoft Intelligent Security Graph which allows you to block access in case of risk.

Advanced Security Reporting

Monitor suspicious activity with reporting, auditing, and alerts, and resolve potential security issues with targeted recommendations.

Privileged Identity Management

Offer timely, on-demand administrative access to online services with Toegangsgerelateerde reports and alerts.

Windows Server Client Access License (CAL)

Give each user access to server roles from multiple devices for a single fixed price.

Managed Mobile Productivity

E3

E5

Mobile Device Management

Register business and personal devices so you can implement settings and compliance and secure your business data.

Mobile Application Management

Publish, configure and update mobile apps on registered and unregistered devices and secure or remove app-related business data.

Advanced Microsoft Office 365 Data protection

Expand management and security capabilities for users, devices, apps, and data while maintaining a comprehensive, productive end-user experience.

Integrated PC Management

Centralized management of PC´S, laptops and mobile devices from a single management console with detailed hardware and software configuration reports.

Integrated on-premise management

Extend your on-premise management to the cloud with a single console through the integration of Microsoft System Center Configuration Manager and Microsoft System Center Endpoint Protection for enhanced management of PC´S, Macs, Unix/Linux servers, and mobile devices.

Information Protection

E3

E5

Permanent data protection

Encrypt confidential data and set user rights for persistent security, regardless of where the data is stored or shared.

Intelligent data classification and labeling

Configure policies to automatically classify and label data based on confidentiality level, and then apply persistent security.

Tracking and withdrawing documents

Monitor activities of shared data and withdraw access rights in case of unexpected events.

Encryption key management based on regulatory needs

Choose standard Key management options, or deploy and manage your own keys to comply with regulations.

Identity-based security

E3

E5

Microsoft Advanced Threat Analytics

Detect abnormal behavior within on-premise systems and identify advanced targeted attacks and threats from within before they lead to damage.

Microsoft Cloud App Security

Get visibility, control and protection over your cloud-based apps, and also identify threats, abnormal behavior, and other cloud security vulnerabilities.

Azure Advanced Threat Protection

Track advanced attacks and suspicious behavior on-premises and in the cloud, and investigate it.

Additional info on the integrated solutions:

Azure Active Directory Premium

Azure Active Directory (Azure AD) helps you manage user identities and create an information-based access policy to help protect your organization.

With Azure AD, the management of identities and access is centralised to ensure high security, productivity and management for all devices, data, apps and infrastructure.

Azure AD is designed to use apps in the cloud, on mobile devices or on-premises, and you can add layers of security features, such as conditional access, to protect your users and organizations.

Intune

Make secure mobile productivity possible within a BYOD environment with high-performance mobile Device & Application Management (MDM & MAM).

Configure and manage PC installations remotely and let employees work more securely with their favorite devices and apps. Set up a detailed app policy to control data access and usage while maintaining the familiar Office user experience without having to give users their devices or privacy.

In addition, Intune also offers ‘ conditional access ‘ which allows or prevents access depending on location, behavior, rights, device…

Azure Information Protection

Sensitive data can quickly go round. Azure Information Protection tries to prevent this by using Azure Rights Management. From now on, your identity, encryption and authorisation policies will determine whether or not you can forward, edit, copy, print, or send a document or mail…

Employees can easily protect documents and emails (whether or not automated) by assigning ‘labels’ to them. Such a label contains a set of rules that bring the security settings to a certain level.

Admins can enforce or recommend these rules or conditions to end users based on the content of the document (e.g. when a credit card number has been detected).

Advanced Threat Analytics

Most hacks are discovered only after 146 (!) days. Plenty of time to steal IP and sensitive data. Limit your risk and get all the information you need in a realtime ‘ attack timeline ‘ with Advanced Threat Analytics.

All of Microsoft’s knowledge and insights are built in to understand, analyze and identify normal and suspicious behavior of users or devices. Self-learning and advanced AI teaches your organization and employees to reduce the number of false-positives to an absolute minimum.

You do not need to create or refine rules or monitor a deluge of security reports. Rely on always-current algorithms that adapt to the changes in your users and your business.

E5 Cloud App Security

Microsoft Cloud App Security is only found in the Microsoft EMS E5 formula. It is a cloud Access Security Broker (CASB) that gives you insight into the use of cloud-based apps and services, which quickly brings a lot of ‘ shadow it ‘ to light. (Unapproved soft and hardware that falls outside the IT department).

It provides advanced analytics to prevent cyber threats and allows you to control how your data is accessed and sent. Manage and limit access based on session context such as identity, device and location and detect abnormal behavior immediately.

E5 Azure Advanced Threat Protection

With this cloud-based service, you can protect the most advanced, complex hybrid environments from layered cyber attacks and monitor the status with a simple dashboard.

Advanced network analysis scans for known and new vulnerabilities accross the network, such as in protocols or unusual approaches or manipulation of sensitive accounts and privileges. In addition, multiple security data sources are brought together such as SIEM Integration, Windows event Forwarding, Windows Event Collector, RADIUS Accounting of VPNs…

This way even the most advanced threats such as ‘ Reconnaissance ‘, ‘ Lateral movement cycles ‘ and ‘ Domain Dominance ‘ are immediately stifled.

Info, quote or workshop?

VanRoey.be is a Microsoft Gold partner (logo)

Laat u begeleiden door onze experts

Hybrid-IT

Uw organisatie in de hoogste versnelling

Vision logo

 

15 November: welkom op ons inspirerend eindejaarsevent

Managed Services

Bekijk het webinar