Enterprise Mobility Suite

EMS is a complete, integrated suite for enterprise mobility, it is inclusive of productivity, identity, access control, management, and data protection.

 

It gives you an effective way to deploy and operate a mobility solution in your organization.

Enterprise-grade identity and access management for nearly any app or device, cloud or on-premises with Azure AD Premium, Multi Factor Authentication and Identity Management

Azure AD Premium
Designed to empower organizations with more demanding identity and access management needs, Azure Active Directory Premium edition adds feature-rich, enterprise-level identity management capabilities and enables hybrid users to seamlessly access on-premises and cloud capabilities. This edition includes everything you need for workers information and identity administrators in hybrid environments across application access, self-service identity and access management (IAM), identity protection and security in the cloud. It supports advanced administration and delegation resources such as dynamic groups and self-service group management. It includes Microsoft Identity Manager (an on-premises identity and access management suite) and provides cloud write-back capabilities enabling solutions like self-service password reset for your on-premises users.

Multi Factor Authentication (MFA)
Azure Multi-Factor Authentication offers the richest set of capabilities. It provides additional configuration options via the Azure Management portal, advanced reporting, and support for a range of on-premises and cloud applications. Azure Multi-Factor Authentication comes as part of Azure Active Directory Premium and Enterprise Mobility Suite.

Microsoft Identity Manager
Microsoft Identity Manager (MIM) 2016 builds on the identity and access management capabilities of FIM 2010 R2. Like its predecessor, MIM helps you manage the users, credentials, policies, and access within your organization. Additionally, MIM 2016 adds a hybrid experience, privileged access management capabilities, and support for new platforms.

This version of Microsoft Identity Manager (MIM) comes with new features such as Privileged Identity Manager (PIM) and support in Certificate Management for REST API access. In Certificate Management, there is now added support for multi-forest topologies, a Windows store app for virtual smartcard and certificate lifecycle management, updated events and troubleshooting capabilities. Self-service scenarios now include Account Unlock and multifactor authentication gate for Password Reset.

Microsoft Intune is the “management arm” of the Microsoft Enterprise Mobility Suite. Enterprise mobility is about enabling your employees to be productive on all of their devices while keeping your organization’s information intact and protected.


Intune helps you manage mobile devices and the applications they use. It integrates closely with Azure Active Directory (Azure AD) for identity and access control, and Azure Rights Management (Azure RMS) for data protection.
The primary tools that Intune uses include:

  • Mobile device management (MDM): The ability to enroll devices in Intune so that you can provision, configure, monitor, and take actions on those devices, such as wiping them.
  • Mobile application management (MAM): The ability to publish, push, configure, secure, monitor, and update mobile apps for your users.

Microsoft Intune is the “management arm” of the Microsoft Enterprise Mobility Suite. Enterprise mobility is about enabling your employees to be productive on all of their devices while keeping your organization’s information intact and protected.
Intune helps you manage mobile devices and the applications they use. It integrates closely with Azure Active Directory (Azure AD) for identity and access control, and Azure Rights Management (Azure RMS) for data protection.
The primary tools that Intune uses include:

  • Mobile device management (MDM): The ability to enroll devices in Intune so that you can provision, configure, monitor, and take actions on those devices, such as wiping them.
  • Mobile application management (MAM): The ability to publish, push, configure, secure, monitor, and update mobile apps for your users.

Azure Rights Management


Microsoft Azure Rights Management (Azure RMS) helps you protect your organization’s sensitive information from unauthorized access, and control how this information is used by people who have access to them. Azure Rights Management is a cloud service, and is integrated into other Microsoft cloud services and applications, such as Office 365 and Azure Active Directory. It can also be used with your own line-of-business applications and information protection solutions from software vendors, whether these applications and solutions are on-premises, or in the cloud.

Rights Management uses encryption, identity, and authorization policies to help secure your files and email. In comparison to standard access controls, such as NTFS permissions, protection that is applied by using Rights Management stays with the files and emails, independently of the location—inside or outside your organization, networks, file servers, and applications. This information protection solution keeps you in control of your data, even when it is shared with other people.