A people first approach to data security and flexible working

Empowering your workforce to work flexibly and securely with Microsoft Enterprise Mobility + Security Suite

So, your mobile users want the ability to access applications and data from any device, at any time and from any location. You know that allowing people that flexibility and choice will drive productivity for your business. However, it’s natural that you have concerns about the security of corporate data being accessed so freely, and you may fear that you will have less control over it. It’s likely there are many questions you want answers to, such as:

  • How can you be sure that your data is actually being accessed by the person you think it is?
  • If a laptop is stolen, will the company’s data be secure?
  • Will our network be compromised by allowing staff to use their own devices?
  • How can we support our users away from the office outside of office hours?
  • How can you provide access to Windows applications with an iPad?

The answer to these questions may well be Microsoft’s Enterprise Mobility + Security Suite (EMS).

Microsoft Enterprise Mobility + Security Suite (EMS)

EMS is a suite of cloud based products that Microsoft provide to help alleviate these fears. The suite empowers your users to work from any location, at any time whilst providing them with a secure, rich user experience under your control on any device they choose to use.

While there are a number of alternative products from other vendors that are able to provide some of the features of EMS, for example, Airwatch for MDM, IBM Security Identity Governance for Identity and Access Management, or Cisco Cognitive Threat Analytics, no other suite seems to provide the breadth of EMS and integrate seamlessly into a Windows or Office 365 environment.

The suite is made up of six components:

Microsoft Identity Manager
An on premise identity and access manager that synchronises user identities between your directories, databases and applications. It increases administrative security and combats identity theft, while providing your users with the ability to reset their own passwords.

Azure Active Directory Premium
A cloud based identity and access manager that provides enterprise-grade identity and access management on virtually any device, be it Windows, iOS or Android based. Among its features are single sign-on (SSO), multi-factor authentication (MFA) and self-service password resets.

Advanced Threat Analytics
A cloud based behavioural analysis tool that provides advanced threat detection. Continually monitoring your network, it identifies suspicious activity and advanced threats using automated behavioural analytics. When a threat is identified, it can provide an alert in almost real time, reducing the risk to your network and data from a threat that might otherwise take weeks to discover.

Intune
A cloud based mobile device manager (MDM): a management utility that helps you control access to company applications and data on virtually any device using a simple web based interface. Policies can be set to control what, where and when company applications or data can be accessed.

Azure Rights Management
Allows you to protect your company’s data, wherever it may go, even beyond your own network and devices. Using policies, you can control encryption, identity and authorization settings to secure company data and emails across laptops, tablets and mobile phones.

Azure RemoteApp
Allows your users to run Windows based applications on any device by running Windows apps in the cloud.

Why use EMS?

It is estimated that 66% of employees use a personal device for work purposes (1). EMS allows control over these personal devices when they access company data or email. It doesn’t interfere with personal use of the device, and access to personal data on the device isn’t possible whilst it is connected to the business’s network. It would, though, prevent the dissemination of company data via email or cloud based storage.

According to Forrester Research 52% of staff in 17 countries use three or more devices for work (2). The more devices in use, the harder it becomes to manage them and control what they can access. EMS, with its simplified interfaces and policy driven settings, can reduce that administrative burden.

By 2017, Gartner believes 90% of enterprises expect to have two or more mobile operating systems (3). To support users on these devices, a device agnostic solution will help reduce costs by avoiding the need for specific management applications and the administrative burden of multiple interfaces and policies.

EMS provides SSO to over 2,500 apps, Office mobile apps and on premise web apps. When 80% of employees admit to using non-approved apps in their work, the ability to control which apps are to be used is made much simpler through EMS.

With EMS you can manage the challenge of providing a mobile workforce with secure access to your company’s information and data. EMS provides a people first approach to the issues of identity, devices, applications and data.

(1) CIB The Future of Corporate ITL: 2013-2017, 2013
(2) Forrester Research: “BT Futures Report: Info workers will erase boundary between enterprise & consumer technologies,” Feb 21, 2013
(3) Gartner Source Press Release, Oct. 25, 2012, http://www.gartner.com/newsroom/id/2213115
