New capabilities coming to Microsoft Enterprise Mobility + Security (EMS)
First published on CloudBlogs on Dec 07, 2016
As 2016 draws to a close, we would like to thank you for choosing Microsoft Enterprise Mobility + Security (EMS) to protect and secure your employees as you continue to digitally transform your organizations. More than 37,000 customers and over half of the Fortune 500 have now chosen EMS.
With EMS we continue to build on identity at the core of the solution to maximize your employees’ productivity while at the same time providing the necessary capabilities across security, management of devices and apps, and information protection to ensure that your critical company data is protected. Today we are expanding these capabilities even further with:
Azure Information Protection updates
that provide even greater flexibility and security for protecting data at the file level. These updates include support for more file types, integration with your on-premises encryption key network, and new options for creating classification and protection policies.
Here’s more on these new capabilities and how our customers will benefit from these innovations:
Pass-through authentication with Azure Active Directory
Pass-through authentication now in preview, lets users securely login to cloud resources by validating their password against their on-premises Active Directory more easily than ever. This feature allows customers that cannot or do not want to store passwords in the cloud (even encrypted ones) to onboard Azure Active Directory and Office 365 without having to modify their corporate network infrastructure and install products such as Active Directory Federation Services (AD FS) or similar third party federation solutions. Pass-through authentication is set up via the Azure AD Connect admin experience as the second option for authentication along with Password Sync and AD FS.
Additionally, with this new update, both “Pass-through authentication” and “Password Synchronization” authentication options will now provide seamless single sign-on to Azure AD connected applications from Windows devices.
Preview of Microsoft Intune Admin Console in Azure
The new Intune admin experience on Azure begins rolling out in public preview for new and test tenants. The new console, built in Azure, provides powerful and integrated management of core EMS security solutions, such as conditional access to corporate resources based on device, users or risk, allowing for set up and management of policies between Intune and Azure Active Directory. This new admin experience makes it easier than ever to protect tens of thousands of mobile devices.
Azure Information Protection updates
Protecting data at the file level throughout its lifecycle, from creation to sharing to tracking and revocation, regardless of where it is stored or accessed, is a key priority for our customers and a unique part of the EMS solution. Since the
release of Azure Information Protection in October
we have been listening to customer feedback and are releasing several new capabilities. Below are a few of the highlights:
Give end users more focused classification and protection options with policies based on group membership.
Support for more non-Office file types and bulk labelling of data at rest.
Enterprise Mobility + Security Customer Stories
As more and more customers are choosing EMS, we wanted to share with you some examples of recent customers who have been deploying and using it successfully:
is embracing identity-driven security with EMS to protect applications
balances data security and employee privacy with EMS