How the Microsoft Enterprise Mobility Suite Mitigates Enterprise BYOD Challenges

January 20, 2015
Editorial Staff


Editorial Staff

Concerns around data protection, identity management, and mobile device management encompass the fear of adopting BYOD – once employees leave the security of the corporate network, IT can no longer manage the corporate assets residing on those personal devices. Fortunately, Microsoft’s Enterprise Mobility Suite enables this peace-of-mind while simultaneously providing an efficient and cost-effective mobile licensing agreement.

Enterprise Mobility Suite Overview

According to a 2013 Forrester research report, 29% of the global workforce is classified as anytime, anywhere information workers, meaning they leverage a variety of apps on 3 or more devices from multiple locations. Microsoft CEO Satya Nadella’s “Mobile First, Cloud First” vision truly embraces this idea.

Microsoft’s Enterprise Mobility Suite (EMS) is an Enterprise Agreement (EA) that vastly improves the mobile and cloud experience by integrating seamlessly with Office 365. EMS consolidates Azure Active Directory Premium, Azure Rights Management, and Windows Intune into a single license agreement.

Hybrid Identity Management

Enabled by Azure Active Directory Premium, EMS bridges on-premise and cloud infrastructures by utilizing a centralized identity console. IT is empowered with the ability to apply conditional access controls to sensitive company information, while users experience single sign-on across all company applications whether they’re within the corporate network or not.

In addition to delivering robust identity and access management from the cloud, Azure AD Premium adds to existing on-premise deployments with the below benefits:

  • No limit Directory as a Service
  • No limit SSO for pre-integrated SaaS apps
  • Group-based access management and provisioning
  • Self-service group management, provisioning, and password reset
  • Multi-factor authentication
  • 99.9% up-time SLA
  • And many more…

Mobile Device Management

As illustrated in last week’s Enterprise Mobility blog, Windows Intune empowers IT with settings management across platforms, including certificates, Virtual Private Networks (VPNs), and wireless network profiles. This allows IT to manage on-premise and cloud-based devices and applications from a single console, ensuring that any lost or retired mobile devices can be remotely wiped to protect compromised corporate data. Furthermore, with user mobile devices and PCs aggregated to a single set of credentials, IT can install updates and deploy required apps automatically during enrollment through the self-service Company Portal.

Data Protection

Research conducted by IDC suggests organizations will dedicate 25% of their software budget to mobile app development, deployment, and management by 2017, and only 15% of large organizations will have adequate mobile security governance.

Corporate data is secure with the Microsoft Azure Rights Management Service (RMS). Users can access and send content through Exchange and SharePoint servers with confidence knowing their content is being automatically encrypted to avoid any malicious interception. IT can apply Microsoft Rights Management to a sensitive file that can only be accessed within the corporate network, but not on a personal device when outside the network. However, with certain settings in place, the user can access that file through Workplace Join, which also allows users to sync data to work folders for availability on any device.

The Enterprise Mobility Suite bridges the gap between IT security and user accessibility. If your organization is considering adopting BYOD, contact your SoftwareONE representative to schedule an EMS Workshop with one of our Solution Architects to walk you through the benefits of the Enterprise Mobility Suite.

Leave a Reply