SlideShare a Scribd company logo

Slim omgaan met uw mobiele devices - EM+S

Download as PPTX, PDF
Berry Schreuder
Berry Schreuder

EM+S Presentatie van Breinwave voor SLB. Deze is van -voor- de migratie van Intune classic naar de nieuwe portal.

Software
1 of 160
Enterprise Mobility + Security Slim omgaan met uw mobiele devices dinsdag 20 juni 2017
• 9:30 Even voorstellen • 10:00 Introductie EMS en relevantie voor Office 365 • 10:15 Identity management met Azure Active Directory (Premium) • 12:30 Lunch • 13:00 Windows, Apple iOS en Android devices managent met Windows Intune • 15:00 Informatie beveiligen met Azure Rights Management • 15:45 Hoe de mogelijkheden en toepasbaarheid van EMS voor uw organisatie verder te onderzoeken? • 16:30 Vragen Agenda
Even voorstellen • Naam • Instelling • Functie • Status Office 365 • Ervaring met Azure (-AD) • Verwachting vandaag
Accounts EMS Trainingen Gebruikersnaam Wachtwoord ems_bussemaker@slbdienstendemo.nl bussemaker ems_bijsterveldt@slbdienstendemo.nl bijsterveldt ems_plasterk@slbdienstendemo.nl plasterk ems_rouvoet@slbdienstendemo.nl rouvoet1 ems_vdhoeven@slbdienstendemo.nl vdhoeven ems_hermans@slbdienstendemo.nl hermans1 ems_ritzen@slbdienstendemo.nl ritzen12 ems_deetman@slbdienstendemo.nl deetman1 ems_vkemenade@slbdienstendemo.nl vkemenade ems_pais@slbdienstendemo.nl pais1234 ems_vveen@slbdienstendemo.nl vveen123 ems_veringa@slbdienstendemo.nl veringa1 ems_diepenhorst@slbdienstendemo.nl diepenhorst ems_bot@slbdienstendemo.nl bot12345 Productlicenties: Enterprise Mobility Suite • Azure Rights Management Premium • Intune A Direct • Azure Rights Management • Azure Active Directory Premium • Azure-Multi Factor Authentication • SSID is SLB-training • pw is Tr@1ning
1. Introductie EMS en relevantie voor Office 365
EMS Suite’s
3. Identity management met Azure Active Directory (Premium)
Azure Active Directory Introductie
520M identities SSO to 2,477 2,532 SaaS apps & Office 365
Azure AD AD FS Active Directory Domain Services DirSyn c Google Apps SalesForce.com
1 2 3
http://aka.ms/accessaad
Features Azure AD (Free) Azure AD Basic Azure AD Premium Directory as a Service Up to 500k objects No object limit No object limit User and group management using UI or Windows PowerShell Cmdlets Yes Yes Yes Access Panel portal for SSO-based user access to SaaS and custom applications 10 applications per user 10 applications per user No limit User-based application access management/provisioning Yes Yes Yes Self-service password change for cloud users Yes Yes Yes Directory synchronization tool – For syncing between on- premises Active Directory and Azure Active Directory Yes Yes Yes Standard security reports Yes Yes Yes High availability SLA uptime (99.9%) Yes Yes Group-based application access management and provisioning Yes Yes Company branding - customization of company logo and colors to the Sign In and Access Panel pages Yes Yes Self-service password reset for cloud users Yes Yes Configuring a Bring Your Own App (BYOA) Yes
Features Azure AD (Free) Azure AD Basic Azure AD Premium Application Proxy Yes Yes Self-service group management for cloud users Yes Yes Self-service password reset with on-premises write- back Yes Microsoft Identity Manager (MIM) server licenses – For syncing between on-premises databases and/or directories and Azure Active Directory Yes Advanced anomaly security reports (machine learning-based) Yes Advanced usage reporting Yes Multi-Factor Authentication service for cloud users Yes Multi-Factor Authentication server for on-premises users Yes AAD Editions https://msdn.microsoft.com/en-us/library/azure/dn532272.aspx http://blogs.office.com/2015/02/17/sign-page-branding-cloud-user-self-service-password-reset-office-365
Azure Active Directory Integration between On-premises AD and Azure AD
User attributes are synchronized including the password hash, Authentication can be completed against either Azure or Windows Server Active Directory User attributes are synchronized, Authentication is passed back through federation and completed against Windows Server Active Directory Synchronization Federation AD FS provides conditional access to resources, Work Place Join for device registration and integrated Multi-Factor Authentication *Write back of attributes to support cloud first and co-existence Microsoft Azure Microsoft Azure
See Install the Azure AD Sync Service https://msdn.microsoft.com/en-us/library/azure/dn790204.aspx
https://msdn.microsoft.com/en-us/library/azure/dn783462.aspx
https://technet.microsoft.com/en-us/library/dn532270.aspx
https://technet.microsoft.com/en-us/library/dn532270.aspx Desktop
Azure Active Directory Self Service Group Management (SSGM)
• SSGM also enables users to request membership in groups by clicking on the gear icon on the group and clicking join.
https://msdn.microsoft.com/en-us/library/azure/dn913807.aspx
Azure Active Directory Self Service Password Reset (SSPR)
http://aka.ms/ssprsetup http://myapps.microsoft.com
Azure Active Directory MultiFactor Authentication (MFA)
What are you trying to secure? Cloud Multi-Factor Authentication Multi-Factor Authentication Server First party Microsoft apps ● ● SaaS apps in the app gallery ● ● IIS applications published through CWAP ● ● IIS applications not published through CWAP ● Remote access systems such as VPN, RDG ●
2. Windows, Apple iOS en Android devices managen met Windows Intune
Microsoft Intune Mobile device and application management from the cloud
52 percent of information workers across 17 countries report using three or more devices for work* >80 percent of employees admit to using non-approved software-as-a-service (SaaS) applications in their jobs*** 90 percent of enterprises will have two or more mobile operating systems to support in 2017** 52% 90% >80% * Forrester Research: “BT Futures Report: Info workers will erase boundary between enterprise & consumer technologies,” Feb. 21, 2013 ** Gartner Source: Press Release, Oct. 25, 2012, http://www.gartner.com/newsroom/id/2213115 *** http://www.computing.co.uk/ctg/news/2321750/more-than-80-per-cent-of-employees-use-non-approved-saas-apps-report
Devices Apps Data
Protect your data Enable your users Unify your environment People-centric approach Devices Apps Data
Easily manage identities across on-premises and cloud. Single sign-on and self-service for corporate resources. Azure Active Directory Premium Unify identity Manage apps and devices Protect data Microsoft Intune Azure Rights Management Manage and protect corporate apps and data on almost any device with MDM and MAM. Encryption, identity, and authorization policies to secure corporate files and email across phones, tablets, and PCs.
Mobile application management PC managementMobile device management ITUser Microsoft Intune Intune helps organizations provide their employees with access to corporate applications, data, and resources from virtually anywhere on almost any device, while helping to keep corporate information secure.
Enroll • Provide a self-service Company Portal for users to enroll devices • Deliver custom terms and conditions at enrollment • Bulk enroll devices using Apple Configurator or service account • Restrict access to Exchange email if a device is not enrolled Retire • Revoke access to corporate resources • Perform selective wipe • Audit lost and stolen devices Provision • Deploy certificates, email, VPN, and WiFi profiles • Deploy device security policy settings • Install mandatory apps • Deploy app restriction policies • Deploy data protection policies Manage and Protect • Restrict access to corporate resources if policies are violated (e.g., jailbroken device) • Protect corporate data by restricting actions such as copy, cut, paste, and save as between Intune-managed apps and personal apps • Report on device and app compliance User IT
Enable users to be productive
ITUser Actions upon device enrollment • Deploy email, VPN, and WiFi profiles • Deploy certificates • Deploy and install apps • Apply and enforce device configuration settings • Collect hardware and software inventory data Microsoft Intune Devices enrolled
Microsoft Intune Corporate email server IT Deploy email profile upon enrollment • Configure account settings and security restrictions • Enable certificate authentication • Synchronize email, task, contacts, and calendar • Support for iOS, Samsung KNOX, and Windows Phone Any email service supported by Exchange ActiveSync User
Microsoft Passport replaces passwords with strong two-factor authentication to help protect user identities and user credentials • Intune can deploy certificates to Microsoft Passport to authenticate users and help them to access corporate resources • Intune manages Passport for Work policy including PIN settings, biometrics settings, Trusted Platform Module (TPM) requirements Intune provides comprehensive management of Microsoft Passport • Credentials protected by hardware or software • Credentials can be based on certificate or local keys • Can be accessed using biometrics (Windows Hello) or PIN
Microsoft Intune Access corporate resources Authentication token Authenticate and trust my unique key Deploy a certificate and Microsoft Passport settings Azure Active Directory and Active Directory
Azure AD Join makes it possible to connect work-owned Windows 10 devices to your company’s Azure Active Directory. With Azure AD Join, you can auto enroll devices in Microsoft Intune for management. Azure AD Join for Windows 10 Windows 10 Azure AD Joined Devices Intune / MDM auto-enrollment Intune auto-enrollment Enterprise-compliant services Support for hybrid environments Single sign-on from the desktop to cloud and on-premises applications with no VPN
Windows apps anywhere RemoteApp Native apps Intune SaaS apps Azure AD Premium
Consistent experience across Windows, Windows Phone, Android, and iOS Discover and install corporate apps Manage devices and data Ability to contact IT Customizable terms and conditions
Volume purchasing integration Assign licenses to users Purchase licenses in bulk for paid apps using the Windows Store for Business and Apple Volume Purchasing Program (VPP) Deploy licenses to users with Intune and install apps as required License and app installed by store Deploy offline app packages to Windows 10 devices that cannot access the Windows Store with next version of Configuration Manager
Corporate- owned devices Corporate-owned devices (CYOD), with personal use allowed Retail outlets using tablets as point of sales devices, gift registries, etc. Schools providing tablets for technology- based learning
 Need fast and easy way to enroll CYOD devices  Should not be able to un-enroll devices that are corporate-owned  Need access to corporate apps and other MDM capabilities on devices to be productive User  Need easy way to prepare corporate- owned devices for enrollment  Need to distinguish corporate-owned devices from personal-owned devices in the management console  Need fast and easy way to bulk enroll shared devices  Need devices to be secure at all times and within IT control IT End usersIT admins
Service account enrollment Apple Configurator Apple Device Enrollment Program (DEP) Windows 10 provisioning profile
Business Manager IT Apply policies School Retail StoreRestaurant Deploy policies using Intune to lock down devices so they can only run applications allowed by IT Allow multiple users to use the same device and customize device experience based on identity Deploy Device Guard policies using Intune to only allow trusted applications to run on Windows 10 devices
Protect corporate data from virtually anywhere
The perimeter cannot help protect data stored in the cloudAccess control to corporate data today Mobile devices PCs Web browsers AppsData
Enterprise Mobility Suite Access control and data protection integrated natively in the apps, devices, and the cloud SharePoint Online Exchange Online
Conditional access policies IP Range Device State Advanced Windows 10 options User Group User On-premises Cloud Corporate apps
Windows Provable PC Health (PPCH) SharePoint Online Exchange Online User Microsoft Intune SharePoint Online Exchange Online User Microsoft Intune
Apply and enforce device configuration settings across iOS, Android, and Windows via Intune MDM Collect hardware and software inventory data for reporting Manage settings across Windows 10 PC, phone, and IoT devices via Intune MDM – including Windows Defender (anti-malware), Firewall, and Cortana
Windows 8.1 Windows 10 Basic management and security settings Device lockdown Comprehensive device management Phone Desktop Phone Desktop Significant investments in added functionality for both mobile and desktop devices
Enforce corporate data access requirements Prevent data leakage on the device Enforce encryption of app data at rest App-level selective wipe
Maximize mobile productivity and protect corporate resources with Office mobile apps – including multi-identity support Extend these capabilities to your existing line-of-business apps using the Intune App Wrapping Tool Enable secure viewing of content using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps Managed apps Personal appsPersonal apps Managed apps ITUser Corporate data Personal data Multi-identity policy
Personal apps Managed apps Maximize productivity while preventing leakage of company data by restricting actions such as copy, cut, paste, and save as between Intune-managed apps and unmanaged apps User
Personal apps Managed apps Perform selective wipe via self-service company portal or admin console Remove managed apps and data Keep personal apps and data intact IT IT
Configure and manage EDP policies with Intune and Azure Rights Management Separate personal and corporate data with limited impact to employee’s day-to-day activities Protect data at rest and wherever it may roam* User Corporate network Microsoft Intune & Azure Rights Management Apply policies Save Save Share files and enforce policies File share Personal storage Secure content collaboration through integration with Azure Rights Management * Some roaming scenarios use Azure Right Management Control app access to corporate data and prevent copy and paste-related data leaks
Microsoft Intune Microsoft Intune Azure Rights Management Device protection BitLocker Device Guard Device settings Windows Defender Data separation Leak protection Enterprise Data Protection Sharing protection Rights Management
Containers Depends on specific DMZ infrastructure Works on- premises only SharePoint Server Exchange Server Corporate network Active Directory Firewall Firewall DMZ/ Perimeter network SDK/wrapper, managed browser, managed viewers Custom SDK/wrapper enables line-of-business apps to be managed Mobile application management Custom data container provides mobile productivity apps integrated with content and access systems Custom email app Custom file app Custom collab app Native device MDM Standard MDM provides device configuration and management
Standard on-premises integration SharePoint Online Exchange Online Cloud integration Intune App SDK Intune App Wrapping Tool Extensibility based on Azure AD and Intune Enable business apps to interoperate with Office mobile apps SharePoint Server Exchange Server Corporate network Active Directory Firewall Firewall DMZ/ Perimeter network Managed Office productivity and moreOffice 365: Mobile productivity Azure AD: Access control to Office 365 and SaaS apps Intune: App restrictions for Office mobile and LOB apps Azure Rights Management: Information protection at the file layer Native device MDMIntune: Cross-platform MDM
Identify and authorize user Apply device policies Apply application policies Apply content policies User IT ActiveDirectoryPremium Rights Management Enterprise Mobility Suite
Summary Deployment flexibility Modern architecture Enable enterprise mobility with EMS
Mobile devices and PCs Mobile devices System Center Configuration Manager Domain joined PCs Configuration Manager integrated with Intune (hybrid)Intune standalone (cloud only) IT IT Intune web console Configuration Manager console
• Always up-to-date, no need to migrate • Always available and reachable • Easy to try, adopt, and deploy • Integrates with existing on-premises infrastructure • Disaster recovery and geo-diversity • Assign your data to a region • Built from the ground up: datacenter, fabric, SaaS • Built using world-class engineering and security • Compliant and certified • Financially backed Service Level Agreements (SLAs) Intune Office 365 Azure Active Directory Azure Rights Management
Security reports, audit reports, multi-factor authentication Self-service password reset and group management Single sign-on to over 2,400 popular SaaS applications Information protection Connection to on-premises assets Bring your own key Mobile device settings management Mobile application management with Office mobile apps Conditional access and selective wipe Active Directory Premium Rights Management
101
Devices Apps Data Management. Access control. Information protection. Protect your data Enable your users User IT
Identity Application Device Data
New intuitive dashboard Respond to alerts Manage software deployments Configure and deploy policies View reports Role-based management Intune web console
Mobile devices and PCs Intune standalone (cloud only) IT Intune web console Manage and Protect • No existing infrastructure necessary • No existing Configuration Manager deployment required • Simplified policy control • Simple web-based administration console • Faster cadence of updates • Always up-to-date Devices Supported • Windows PCs (x86/64, Intel SoC) • Windows RT • Windows Phone 8.x • iOS • Android
Mobile devices System Center Configuration Manager Domain joined PCs Configuration Manager integrated with Intune (hybrid) IT Configuration Manager console System Center 2012 R2 Configuration Manager with Microsoft Intune • Build on existing Configuration Manager deployment • Full PC management (OS deployment, endpoint protection, application delivery control, custom reporting) • Deep policy control requirements • Greater scalability • Extensible administration tools (RBA, PowerShell, SQL reporting services) • Windows RT • Windows Phone 8.x • iOS • Android Devices Supported • Windows PCs (x86/64, Intel SoC) • Windows to Go • Windows Server • Linux • Mac OS X
Conventional Modern
Intune standalone (cloud only) Lightweight, agentless OR agent-based management PC protection from malware PC software update management Software distribution Proactive monitoring and alerts Hardware and software inventory Policies for Windows Firewall management Intune standalone (cloud only) Configuration Manager integrated with Intune (hybrid) Lightweight, agentless OR agent-based management Lightweight, agentless OR comprehensive agent-based management PC protection from malware PC protection from malware PC software update management PC software update management Software distribution Software distribution Proactive monitoring and alerts Proactive monitoring and alerts Hardware and software inventory Hardware and software inventory Policies for Windows Firewall management Policies for Windows Firewall management Operating system deployment PC, mobile device, Windows Server, Linux/Unix, Mac, and virtual desktop management Power management Custom reporting
Comprehensive security policies are enforced on each platform Reporting available on each setting whether it is applicable, conformant or has an error Extensive configuration settings are available for each platform Policies can be applied to user and device groups User
Automatic VPN connection Per-app VPN (iOS)VPN
WiFi settings Manage and distribute certificates Provision networks Setup certificate based authentication
ITUser Hardware properties for mobile devices are collected Company app inventory is collected Personal app inventory is not collected Reporting
If compliant, email access is granted 7 Enrollment / compliance remediation 5 If not compliant, push device into quarantine Quarantine 4 2 Quarantine email with remediation steps Link to enroll device and compliance remediation steps Who does what? Intune: Evaluate policy compliance for device Azure AD: Authenticate user and provide device compliance status Exchange Online: Enforces access to email based on device state Attempt email connection 1 3 Azure Active Directory Set device management/ compliance status 6 Office 365 Mobile device Microsoft Intune
2 Attempt email connection 1 Block unmanaged device 5 Allow managed device Device enrollment4 6 If managed, email access is granted Who does what? Intune: Evaluate and manage device state Exchange Server: Provides API and infrastructure for quarantine Quarantine email with remediation steps Link to enroll device 3 If not managed, push device into quarantine Quarantine Mobile device Microsoft Intune On-premises Exchange server
Platform Desktop Apps (.msi, .exe) * Modern App Types Managed Store app Side loading Deep Links Web apps.app .app .ipa .apk Windows 8.1/10 ● ● ● ● Windows RT ● ● ● iOS ● ● ● ● Android ● ● ● ● Windows Phone ● ● ● Windows 7 and below ● ●
Category Feature Exchange ActiveSync MDM for Office 365 Microsoft Intune (cloud only) Intune + ConfigMgr (hybrid) Device configuration Inventory mobile devices that access corporate applications ● ● ● ● Remote factory reset (full device wipe) ● ● ● ● Mobile device configuration settings (PIN length, PIN required, lock time, etc.) ● ● ● ● Self-service password reset (Office 365 cloud only users) ● ● ● ● Office365 Provides reporting on devices that do not meet IT policy ● ● ● Group-based policies and reporting (ability to use groups for targeted device configuration) ● ● ● Root and jailbreak detection ● ● ● Remove Office 365 app data from mobile devices while leaving personal data and apps intact (selective wipe) ● ● ● Prevent access to corporate email and documents based upon device enrollment and compliance policies ● ● ● Premium mobiledevice& appmanagement Self-service Company Portal for users to enroll their own devices and install corporate apps ● ● App deployment (Windows Phone, iOS, Android) ● ● Deploy certificates, VPN profiles (including app-specific profiles), email profiles, and Wi-Fi profiles ● ● Prevent cut/copy/paste/save as of data from corporate apps to personal apps (mobile application management) ● ● Secure content viewing via Managed Browser, PDF Viewer, Image Viewer, and AV Player apps for Intune ● ● Remote device lock via self-service Company Portal and via admin console ● ● PC management Client PC management (e.g. Windows 8.1, inventory, antimalware, patch, policies, etc.) ● ● PC software management ● ● Comprehensive PC management (e.g. Group Policy, login scripts, BitLocker management, virtual desktop and power management, custom reporting, etc.) ● Windows Server/Linux/UNIX/Mac OS X support ● OS deployment and imaging ●
4. Informatie beveiligen met Azure Rights Management
EMS Partner Bootcamp
87% of senior managers admit to regularly uploading work files to a personal email or cloud account.* 87% 58% have accidentally sent sensitive information to the wrong person.* 58% >80% focus on data leak prevention for personal devices, but ignore the issue on corporate owned devices where the risks are the same ??%
Information Author Recipient External Users Mobile Devices USB Drive
AD Clients Servers SaaS Supply Chain Outside Data Centers PaaS
The traditional perimeter is rapidly eroding IT needs continuous data protection that works across ‘classic boundaries’ Consumerization of IT Users need access, from any device Externalization of IT Applications are on-premises and in the cloud More data, stored in more places Dispersed enterprise data needs protection Social Enterprise Data is shared between people and applications
EMS Partner Bootcamp
1. Document author attempts to protect a document 3. Author protects the document 4. Author distributes the document to another user 5. User contacts the information protection platform, is authenticated, and receives a use license 2. Author obtains the certificates necessary to participate in the information protection platform
Galactic Empire Confidential – You cannot copy, print or export this information in unprotected form to droids of any class. User Certificates User License Galactic Empire Confidential – You cannot copy, print or export this information in unprotected form to droids of any class. Publishing License and Keys
File share, email server or document library Authorized Users Business network Authorized Users Unauthorized Users Can’t forward Use Licenses Unauthorized Users No License AD RMS Server
EMS Partner Bootcamp
• • •
Recipient RMS SharePoint
• • •
• • • •
• •
Client integration User Authentication Integration Authentication and collaboration BYO Key Client integration
Architecture – Azure RMS
5. Hoe de mogelijkheden en toepasbaarheid van EMS voor uw organisatie verder te onderzoeken?
Iedereen een tenant! • Tenant? Wat is een tenant? • Nieuwe? Bestaande? • Log even in met een “In-Private” browser sessie. • Stuur nu een email naar berry.schreuder@breinwave.nl met als onderwerp: • “EMSTRIAL” en je krijgt een uitnodging terug voor: • 100 licenses Enterprise Security + Mobility E3 • Gedelegeerd beheer voor Breinwave (mag je ook weigeren) • Je kunt dit aktiveren in je bestaande tenant, maar denk goed na of je dat wilt • De TRIAL duurt 30-dagen
Evaluatie • https:// • Of op een mapje op je Bureaublad. • Eerder mag je niet naar huis
Slim omgaan met uw mobiele devices - EM+S

Recommended

What small businesses need to know about Azure AD premium
What small businesses need to know about Azure AD premiumWhat small businesses need to know about Azure AD premium
What small businesses need to know about Azure AD premiumMiguel Tena
 
AzureAAD
AzureAADAzureAAD
AzureAADTonyHotko
 
Azure Active Directory - An Introduction for Developers
Azure Active Directory - An Introduction for DevelopersAzure Active Directory - An Introduction for Developers
Azure Active Directory - An Introduction for DevelopersJohn Garland
 
Identity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft AzureIdentity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft AzureSparkhound Inc.
 
Windows 10 and EMS better together @ Windows 10 Partner Technical Bootcamp Mi...
Windows 10 and EMS better together @ Windows 10 Partner Technical Bootcamp Mi...Windows 10 and EMS better together @ Windows 10 Partner Technical Bootcamp Mi...
Windows 10 and EMS better together @ Windows 10 Partner Technical Bootcamp Mi...Jan Ketil Skanke
 
Microsoft Enterprise Mobility Suite Poster
Microsoft Enterprise Mobility Suite PosterMicrosoft Enterprise Mobility Suite Poster
Microsoft Enterprise Mobility Suite PosterDavid J Rosenthal
 
JoTechies - Cloud identity
JoTechies - Cloud identityJoTechies - Cloud identity
JoTechies - Cloud identityJoTechies
 
Microsoft Cloud Identity and Access Management Poster - Atidan
Microsoft Cloud Identity and Access Management Poster - AtidanMicrosoft Cloud Identity and Access Management Poster - Atidan
Microsoft Cloud Identity and Access Management Poster - AtidanDavid J Rosenthal
 

Recommended

What small businesses need to know about Azure AD premium
What small businesses need to know about Azure AD premiumWhat small businesses need to know about Azure AD premium
What small businesses need to know about Azure AD premiumMiguel Tena
 
AzureAAD
AzureAADAzureAAD
AzureAADTonyHotko
 
Azure Active Directory - An Introduction for Developers
Azure Active Directory - An Introduction for DevelopersAzure Active Directory - An Introduction for Developers
Azure Active Directory - An Introduction for DevelopersJohn Garland
 
Identity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft AzureIdentity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft AzureSparkhound Inc.
 
Windows 10 and EMS better together @ Windows 10 Partner Technical Bootcamp Mi...
Windows 10 and EMS better together @ Windows 10 Partner Technical Bootcamp Mi...Windows 10 and EMS better together @ Windows 10 Partner Technical Bootcamp Mi...
Windows 10 and EMS better together @ Windows 10 Partner Technical Bootcamp Mi...Jan Ketil Skanke
 
Microsoft Enterprise Mobility Suite Poster
Microsoft Enterprise Mobility Suite PosterMicrosoft Enterprise Mobility Suite Poster
Microsoft Enterprise Mobility Suite PosterDavid J Rosenthal
 
JoTechies - Cloud identity
JoTechies - Cloud identityJoTechies - Cloud identity
JoTechies - Cloud identityJoTechies
 
Microsoft Cloud Identity and Access Management Poster - Atidan
Microsoft Cloud Identity and Access Management Poster - AtidanMicrosoft Cloud Identity and Access Management Poster - Atidan
Microsoft Cloud Identity and Access Management Poster - AtidanDavid J Rosenthal
 
Agile IT EMS webinar series, session 1
Agile IT EMS webinar series, session 1Agile IT EMS webinar series, session 1
Agile IT EMS webinar series, session 1AgileIT
 
Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...
Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...
Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...Edge Pereira
 
NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...
NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...
NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...Morgan Simonsen
 
EMS, one suite to manage and secure your workplace
EMS, one suite to manage and secure your workplaceEMS, one suite to manage and secure your workplace
EMS, one suite to manage and secure your workplaceDelta-N
 
Empower Enterprise Mobility with Microsoft EMS
Empower Enterprise Mobility with Microsoft EMSEmpower Enterprise Mobility with Microsoft EMS
Empower Enterprise Mobility with Microsoft EMSKris Wagner
 
Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...
Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...
Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...Jan Ketil Skanke
 
Identity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyIdentity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyDavid J Rosenthal
 
eQuorum-eBook-6-2021.pdf
eQuorum-eBook-6-2021.pdfeQuorum-eBook-6-2021.pdf
eQuorum-eBook-6-2021.pdfMuhammadAdeelTariq1
 
How to Migrate G Suite to Office 365 Readily!
How to Migrate G Suite to Office 365 Readily! How to Migrate G Suite to Office 365 Readily!
How to Migrate G Suite to Office 365 Readily!Dee Negi
 
Enterprise Mobility Suite
Enterprise Mobility SuiteEnterprise Mobility Suite
Enterprise Mobility SuitePeter Daalmans
 
What is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy itWhat is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy itPeter De Tender
 
Next Level Learning IT Track 6 - Cloud Trust
Next Level Learning IT Track 6 - Cloud TrustNext Level Learning IT Track 6 - Cloud Trust
Next Level Learning IT Track 6 - Cloud TrustMicrosoft Education AU
 
From classification to protection of your data, secure your business with azu...
From classification to protection of your data, secure your business with azu...From classification to protection of your data, secure your business with azu...
From classification to protection of your data, secure your business with azu...Joris Faure
 
EMS-HPT Template-v.1.0
EMS-HPT Template-v.1.0EMS-HPT Template-v.1.0
EMS-HPT Template-v.1.0Huy Pham
 
Enterprise mobility suite
Enterprise mobility suiteEnterprise mobility suite
Enterprise mobility suiteAli Mkahal
 
Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Plain Concepts
 
Microsoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanMicrosoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanDavid J Rosenthal
 
Microsoft Windows Intune getting started guide dec 2012 release
Microsoft Windows Intune getting started guide dec 2012 releaseMicrosoft Windows Intune getting started guide dec 2012 release
Microsoft Windows Intune getting started guide dec 2012 releaseDavid J Rosenthal
 
Securing your Azure Identity Infrastructure
Securing your Azure Identity InfrastructureSecuring your Azure Identity Infrastructure
Securing your Azure Identity InfrastructureVignesh Ganesan I Microsoft MVP
 
MMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itMMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itPeter Daalmans
 
05-Empowering-Enterprise-Mobility-FR.pptx
05-Empowering-Enterprise-Mobility-FR.pptx05-Empowering-Enterprise-Mobility-FR.pptx
05-Empowering-Enterprise-Mobility-FR.pptxAshvin Dixit
 
Modern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - ManagementModern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - ManagementOlav Tvedt
 

More Related Content

What's hot

Agile IT EMS webinar series, session 1
Agile IT EMS webinar series, session 1Agile IT EMS webinar series, session 1
Agile IT EMS webinar series, session 1AgileIT
 
Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...
Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...
Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...Edge Pereira
 
NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...
NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...
NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...Morgan Simonsen
 
EMS, one suite to manage and secure your workplace
EMS, one suite to manage and secure your workplaceEMS, one suite to manage and secure your workplace
EMS, one suite to manage and secure your workplaceDelta-N
 
Empower Enterprise Mobility with Microsoft EMS
Empower Enterprise Mobility with Microsoft EMSEmpower Enterprise Mobility with Microsoft EMS
Empower Enterprise Mobility with Microsoft EMSKris Wagner
 
Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...
Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...
Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...Jan Ketil Skanke
 
Identity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyIdentity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyDavid J Rosenthal
 
How to Migrate G Suite to Office 365 Readily!
How to Migrate G Suite to Office 365 Readily! How to Migrate G Suite to Office 365 Readily!
How to Migrate G Suite to Office 365 Readily!Dee Negi
 
Enterprise Mobility Suite
Enterprise Mobility SuiteEnterprise Mobility Suite
Enterprise Mobility SuitePeter Daalmans
 
What is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy itWhat is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy itPeter De Tender
 
Next Level Learning IT Track 6 - Cloud Trust
Next Level Learning IT Track 6 - Cloud TrustNext Level Learning IT Track 6 - Cloud Trust
Next Level Learning IT Track 6 - Cloud TrustMicrosoft Education AU
 
From classification to protection of your data, secure your business with azu...
From classification to protection of your data, secure your business with azu...From classification to protection of your data, secure your business with azu...
From classification to protection of your data, secure your business with azu...Joris Faure
 
EMS-HPT Template-v.1.0
EMS-HPT Template-v.1.0EMS-HPT Template-v.1.0
EMS-HPT Template-v.1.0Huy Pham
 
Enterprise mobility suite
Enterprise mobility suiteEnterprise mobility suite
Enterprise mobility suiteAli Mkahal
 
Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Plain Concepts
 
Microsoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanMicrosoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanDavid J Rosenthal
 
Microsoft Windows Intune getting started guide dec 2012 release
Microsoft Windows Intune getting started guide dec 2012 releaseMicrosoft Windows Intune getting started guide dec 2012 release
Microsoft Windows Intune getting started guide dec 2012 releaseDavid J Rosenthal
 
MMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itMMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itPeter Daalmans
 

What's hot (20)

Agile IT EMS webinar series, session 1
Agile IT EMS webinar series, session 1Agile IT EMS webinar series, session 1
Agile IT EMS webinar series, session 1
 
Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...
Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...
Microsoft EMS - Everybody Together Now - Edge Pereira - Microsoft Office 365 ...
 
NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...
NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...
NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...
 
EMS, one suite to manage and secure your workplace
EMS, one suite to manage and secure your workplaceEMS, one suite to manage and secure your workplace
EMS, one suite to manage and secure your workplace
 
Empower Enterprise Mobility with Microsoft EMS
Empower Enterprise Mobility with Microsoft EMSEmpower Enterprise Mobility with Microsoft EMS
Empower Enterprise Mobility with Microsoft EMS
 
Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...
Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...
Azure AD Premium @ Windows 10 Partner Technical Bootcamp Microsoft Norway Oct...
 
Identity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyIdentity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor Technology
 
eQuorum-eBook-6-2021.pdf
eQuorum-eBook-6-2021.pdfeQuorum-eBook-6-2021.pdf
eQuorum-eBook-6-2021.pdf
 
How to Migrate G Suite to Office 365 Readily!
How to Migrate G Suite to Office 365 Readily! How to Migrate G Suite to Office 365 Readily!
How to Migrate G Suite to Office 365 Readily!
 
Enterprise Mobility Suite
Enterprise Mobility SuiteEnterprise Mobility Suite
Enterprise Mobility Suite
 
What is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy itWhat is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy it
 
Next Level Learning IT Track 6 - Cloud Trust
Next Level Learning IT Track 6 - Cloud TrustNext Level Learning IT Track 6 - Cloud Trust
Next Level Learning IT Track 6 - Cloud Trust
 
From classification to protection of your data, secure your business with azu...
From classification to protection of your data, secure your business with azu...From classification to protection of your data, secure your business with azu...
From classification to protection of your data, secure your business with azu...
 
EMS-HPT Template-v.1.0
EMS-HPT Template-v.1.0EMS-HPT Template-v.1.0
EMS-HPT Template-v.1.0
 
Enterprise mobility suite
Enterprise mobility suiteEnterprise mobility suite
Enterprise mobility suite
 
Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa
 
Microsoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanMicrosoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by Atidan
 
Microsoft Windows Intune getting started guide dec 2012 release
Microsoft Windows Intune getting started guide dec 2012 releaseMicrosoft Windows Intune getting started guide dec 2012 release
Microsoft Windows Intune getting started guide dec 2012 release
 
Securing your Azure Identity Infrastructure
Securing your Azure Identity InfrastructureSecuring your Azure Identity Infrastructure
Securing your Azure Identity Infrastructure
 
MMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itMMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure it
 

Similar to Slim omgaan met uw mobiele devices - EM+S

05-Empowering-Enterprise-Mobility-FR.pptx
05-Empowering-Enterprise-Mobility-FR.pptx05-Empowering-Enterprise-Mobility-FR.pptx
05-Empowering-Enterprise-Mobility-FR.pptxAshvin Dixit
 
Modern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - ManagementModern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - ManagementOlav Tvedt
 
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?Kenny Buntinx
 
15th December 2016 - Microsoft Paddington Vuzion Partner Event
15th December 2016 - Microsoft Paddington Vuzion Partner Event15th December 2016 - Microsoft Paddington Vuzion Partner Event
15th December 2016 - Microsoft Paddington Vuzion Partner EventVuzion
 
#EVRYWhatsNext EMS Slide Deck
#EVRYWhatsNext EMS Slide Deck#EVRYWhatsNext EMS Slide Deck
#EVRYWhatsNext EMS Slide DeckOlav Tvedt
 
Make IT Pro's great again: Microsoft Azure for the SharePoint professional
Make IT Pro's great again: Microsoft Azure for the SharePoint professionalMake IT Pro's great again: Microsoft Azure for the SharePoint professional
Make IT Pro's great again: Microsoft Azure for the SharePoint professionalBIWUG
 
Azure Active Directory
Azure Active DirectoryAzure Active Directory
Azure Active DirectorySovelto
 
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10MVP Dagen
 
Microsoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - AtidanMicrosoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - AtidanDavid J Rosenthal
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan David J Rosenthal
 
Azure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDKAzure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDKPeter Selch Dahl
 
SCU Berlín | Cloud identity for maximum productivity
SCU Berlín | Cloud identity for maximum productivity SCU Berlín | Cloud identity for maximum productivity
SCU Berlín | Cloud identity for maximum productivityDiana Carolina Torres Viasus
 
EPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities OverviewEPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities OverviewEPC Group
 
2018 November - AZUGDK - Azure AD
2018 November - AZUGDK - Azure AD 2018 November - AZUGDK - Azure AD
2018 November - AZUGDK - Azure AD Peter Selch Dahl
 
Mobility & security Microsoft SPE5 By Bipeen Sinha
Mobility & security Microsoft SPE5 By Bipeen SinhaMobility & security Microsoft SPE5 By Bipeen Sinha
Mobility & security Microsoft SPE5 By Bipeen SinhaBipeen Sinha
 
Ms cloud identity and access infographic 2015
Ms cloud identity and access infographic 2015Ms cloud identity and access infographic 2015
Ms cloud identity and access infographic 2015Kesavan Munuswamy
 
MS Cloud Identity and Access Infographic 2015 (1)
MS Cloud Identity and Access Infographic 2015 (1)MS Cloud Identity and Access Infographic 2015 (1)
MS Cloud Identity and Access Infographic 2015 (1)Luís Serra Libório
 
I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...
I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...
I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...SPS Paris
 
Webinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWebinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWithum
 
Primendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suitePrimendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suitePrimend
 

Similar to Slim omgaan met uw mobiele devices - EM+S (20)

05-Empowering-Enterprise-Mobility-FR.pptx
05-Empowering-Enterprise-Mobility-FR.pptx05-Empowering-Enterprise-Mobility-FR.pptx
05-Empowering-Enterprise-Mobility-FR.pptx
 
Modern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - ManagementModern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - Management
 
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
 
15th December 2016 - Microsoft Paddington Vuzion Partner Event
15th December 2016 - Microsoft Paddington Vuzion Partner Event15th December 2016 - Microsoft Paddington Vuzion Partner Event
15th December 2016 - Microsoft Paddington Vuzion Partner Event
 
#EVRYWhatsNext EMS Slide Deck
#EVRYWhatsNext EMS Slide Deck#EVRYWhatsNext EMS Slide Deck
#EVRYWhatsNext EMS Slide Deck
 
Make IT Pro's great again: Microsoft Azure for the SharePoint professional
Make IT Pro's great again: Microsoft Azure for the SharePoint professionalMake IT Pro's great again: Microsoft Azure for the SharePoint professional
Make IT Pro's great again: Microsoft Azure for the SharePoint professional
 
Azure Active Directory
Azure Active DirectoryAzure Active Directory
Azure Active Directory
 
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
 
Microsoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - AtidanMicrosoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - Atidan
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
 
Azure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDKAzure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDK
 
SCU Berlín | Cloud identity for maximum productivity
SCU Berlín | Cloud identity for maximum productivity SCU Berlín | Cloud identity for maximum productivity
SCU Berlín | Cloud identity for maximum productivity
 
EPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities OverviewEPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities Overview
 
2018 November - AZUGDK - Azure AD
2018 November - AZUGDK - Azure AD 2018 November - AZUGDK - Azure AD
2018 November - AZUGDK - Azure AD
 
Mobility & security Microsoft SPE5 By Bipeen Sinha
Mobility & security Microsoft SPE5 By Bipeen SinhaMobility & security Microsoft SPE5 By Bipeen Sinha
Mobility & security Microsoft SPE5 By Bipeen Sinha
 
Ms cloud identity and access infographic 2015
Ms cloud identity and access infographic 2015Ms cloud identity and access infographic 2015
Ms cloud identity and access infographic 2015
 
MS Cloud Identity and Access Infographic 2015 (1)
MS Cloud Identity and Access Infographic 2015 (1)MS Cloud Identity and Access Infographic 2015 (1)
MS Cloud Identity and Access Infographic 2015 (1)
 
I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...
I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...
I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...
 
Webinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWebinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft Cloud
 
Primendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suitePrimendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suite
 

Recently uploaded

The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendArshad QA
 

Recently uploaded (20)

The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and Backend
 

Slim omgaan met uw mobiele devices - EM+S

  • 1. Enterprise Mobility + Security Slim omgaan met uw mobiele devices dinsdag 20 juni 2017
  • 2. • 9:30 Even voorstellen • 10:00 Introductie EMS en relevantie voor Office 365 • 10:15 Identity management met Azure Active Directory (Premium) • 12:30 Lunch • 13:00 Windows, Apple iOS en Android devices managent met Windows Intune • 15:00 Informatie beveiligen met Azure Rights Management • 15:45 Hoe de mogelijkheden en toepasbaarheid van EMS voor uw organisatie verder te onderzoeken? • 16:30 Vragen Agenda
  • 3. Even voorstellen • Naam • Instelling • Functie • Status Office 365 • Ervaring met Azure (-AD) • Verwachting vandaag
  • 4. Accounts EMS Trainingen Gebruikersnaam Wachtwoord ems_bussemaker@slbdienstendemo.nl bussemaker ems_bijsterveldt@slbdienstendemo.nl bijsterveldt ems_plasterk@slbdienstendemo.nl plasterk ems_rouvoet@slbdienstendemo.nl rouvoet1 ems_vdhoeven@slbdienstendemo.nl vdhoeven ems_hermans@slbdienstendemo.nl hermans1 ems_ritzen@slbdienstendemo.nl ritzen12 ems_deetman@slbdienstendemo.nl deetman1 ems_vkemenade@slbdienstendemo.nl vkemenade ems_pais@slbdienstendemo.nl pais1234 ems_vveen@slbdienstendemo.nl vveen123 ems_veringa@slbdienstendemo.nl veringa1 ems_diepenhorst@slbdienstendemo.nl diepenhorst ems_bot@slbdienstendemo.nl bot12345 Productlicenties: Enterprise Mobility Suite • Azure Rights Management Premium • Intune A Direct • Azure Rights Management • Azure Active Directory Premium • Azure-Multi Factor Authentication • SSID is SLB-training • pw is Tr@1ning
  • 5. 1. Introductie EMS en relevantie voor Office 365
  • 6.
  • 8. 3. Identity management met Azure Active Directory (Premium)
  • 10. 520M identities SSO to 2,477 2,532 SaaS apps & Office 365
  • 11.
  • 12. Azure AD AD FS Active Directory Domain Services DirSyn c Google Apps SalesForce.com
  • 13. 1 2 3
  • 15. Features Azure AD (Free) Azure AD Basic Azure AD Premium Directory as a Service Up to 500k objects No object limit No object limit User and group management using UI or Windows PowerShell Cmdlets Yes Yes Yes Access Panel portal for SSO-based user access to SaaS and custom applications 10 applications per user 10 applications per user No limit User-based application access management/provisioning Yes Yes Yes Self-service password change for cloud users Yes Yes Yes Directory synchronization tool – For syncing between on- premises Active Directory and Azure Active Directory Yes Yes Yes Standard security reports Yes Yes Yes High availability SLA uptime (99.9%) Yes Yes Group-based application access management and provisioning Yes Yes Company branding - customization of company logo and colors to the Sign In and Access Panel pages Yes Yes Self-service password reset for cloud users Yes Yes Configuring a Bring Your Own App (BYOA) Yes
  • 16. Features Azure AD (Free) Azure AD Basic Azure AD Premium Application Proxy Yes Yes Self-service group management for cloud users Yes Yes Self-service password reset with on-premises write- back Yes Microsoft Identity Manager (MIM) server licenses – For syncing between on-premises databases and/or directories and Azure Active Directory Yes Advanced anomaly security reports (machine learning-based) Yes Advanced usage reporting Yes Multi-Factor Authentication service for cloud users Yes Multi-Factor Authentication server for on-premises users Yes AAD Editions https://msdn.microsoft.com/en-us/library/azure/dn532272.aspx http://blogs.office.com/2015/02/17/sign-page-branding-cloud-user-self-service-password-reset-office-365
  • 17.
  • 18.
  • 19. Azure Active Directory Integration between On-premises AD and Azure AD
  • 20. User attributes are synchronized including the password hash, Authentication can be completed against either Azure or Windows Server Active Directory User attributes are synchronized, Authentication is passed back through federation and completed against Windows Server Active Directory Synchronization Federation AD FS provides conditional access to resources, Work Place Join for device registration and integrated Multi-Factor Authentication *Write back of attributes to support cloud first and co-existence Microsoft Azure Microsoft Azure
  • 21.
  • 22.
  • 23. See Install the Azure AD Sync Service https://msdn.microsoft.com/en-us/library/azure/dn790204.aspx
  • 25.
  • 26.
  • 29. Azure Active Directory Self Service Group Management (SSGM)
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39. • SSGM also enables users to request membership in groups by clicking on the gear icon on the group and clicking join.
  • 40.
  • 41.
  • 43.
  • 44. Azure Active Directory Self Service Password Reset (SSPR)
  • 45.
  • 46.
  • 47.
  • 49. Azure Active Directory MultiFactor Authentication (MFA)
  • 50.
  • 51.
  • 52. What are you trying to secure? Cloud Multi-Factor Authentication Multi-Factor Authentication Server First party Microsoft apps ● ● SaaS apps in the app gallery ● ● IIS applications published through CWAP ● ● IIS applications not published through CWAP ● Remote access systems such as VPN, RDG ●
  • 53. 2. Windows, Apple iOS en Android devices managen met Windows Intune
  • 54. Microsoft Intune Mobile device and application management from the cloud
  • 55. 52 percent of information workers across 17 countries report using three or more devices for work* >80 percent of employees admit to using non-approved software-as-a-service (SaaS) applications in their jobs*** 90 percent of enterprises will have two or more mobile operating systems to support in 2017** 52% 90% >80% * Forrester Research: “BT Futures Report: Info workers will erase boundary between enterprise & consumer technologies,” Feb. 21, 2013 ** Gartner Source: Press Release, Oct. 25, 2012, http://www.gartner.com/newsroom/id/2213115 *** http://www.computing.co.uk/ctg/news/2321750/more-than-80-per-cent-of-employees-use-non-approved-saas-apps-report
  • 57. Protect your data Enable your users Unify your environment People-centric approach Devices Apps Data
  • 58. Easily manage identities across on-premises and cloud. Single sign-on and self-service for corporate resources. Azure Active Directory Premium Unify identity Manage apps and devices Protect data Microsoft Intune Azure Rights Management Manage and protect corporate apps and data on almost any device with MDM and MAM. Encryption, identity, and authorization policies to secure corporate files and email across phones, tablets, and PCs.
  • 59.
  • 60. Mobile application management PC managementMobile device management ITUser Microsoft Intune Intune helps organizations provide their employees with access to corporate applications, data, and resources from virtually anywhere on almost any device, while helping to keep corporate information secure.
  • 61. Enroll • Provide a self-service Company Portal for users to enroll devices • Deliver custom terms and conditions at enrollment • Bulk enroll devices using Apple Configurator or service account • Restrict access to Exchange email if a device is not enrolled Retire • Revoke access to corporate resources • Perform selective wipe • Audit lost and stolen devices Provision • Deploy certificates, email, VPN, and WiFi profiles • Deploy device security policy settings • Install mandatory apps • Deploy app restriction policies • Deploy data protection policies Manage and Protect • Restrict access to corporate resources if policies are violated (e.g., jailbroken device) • Protect corporate data by restricting actions such as copy, cut, paste, and save as between Intune-managed apps and personal apps • Report on device and app compliance User IT
  • 62. Enable users to be productive
  • 63. ITUser Actions upon device enrollment • Deploy email, VPN, and WiFi profiles • Deploy certificates • Deploy and install apps • Apply and enforce device configuration settings • Collect hardware and software inventory data Microsoft Intune Devices enrolled
  • 64. Microsoft Intune Corporate email server IT Deploy email profile upon enrollment • Configure account settings and security restrictions • Enable certificate authentication • Synchronize email, task, contacts, and calendar • Support for iOS, Samsung KNOX, and Windows Phone Any email service supported by Exchange ActiveSync User
  • 65. Microsoft Passport replaces passwords with strong two-factor authentication to help protect user identities and user credentials • Intune can deploy certificates to Microsoft Passport to authenticate users and help them to access corporate resources • Intune manages Passport for Work policy including PIN settings, biometrics settings, Trusted Platform Module (TPM) requirements Intune provides comprehensive management of Microsoft Passport • Credentials protected by hardware or software • Credentials can be based on certificate or local keys • Can be accessed using biometrics (Windows Hello) or PIN
  • 66. Microsoft Intune Access corporate resources Authentication token Authenticate and trust my unique key Deploy a certificate and Microsoft Passport settings Azure Active Directory and Active Directory
  • 67. Azure AD Join makes it possible to connect work-owned Windows 10 devices to your company’s Azure Active Directory. With Azure AD Join, you can auto enroll devices in Microsoft Intune for management. Azure AD Join for Windows 10 Windows 10 Azure AD Joined Devices Intune / MDM auto-enrollment Intune auto-enrollment Enterprise-compliant services Support for hybrid environments Single sign-on from the desktop to cloud and on-premises applications with no VPN
  • 69. Consistent experience across Windows, Windows Phone, Android, and iOS Discover and install corporate apps Manage devices and data Ability to contact IT Customizable terms and conditions
  • 70. Volume purchasing integration Assign licenses to users Purchase licenses in bulk for paid apps using the Windows Store for Business and Apple Volume Purchasing Program (VPP) Deploy licenses to users with Intune and install apps as required License and app installed by store Deploy offline app packages to Windows 10 devices that cannot access the Windows Store with next version of Configuration Manager
  • 71. Corporate- owned devices Corporate-owned devices (CYOD), with personal use allowed Retail outlets using tablets as point of sales devices, gift registries, etc. Schools providing tablets for technology- based learning
  • 72.  Need fast and easy way to enroll CYOD devices  Should not be able to un-enroll devices that are corporate-owned  Need access to corporate apps and other MDM capabilities on devices to be productive User  Need easy way to prepare corporate- owned devices for enrollment  Need to distinguish corporate-owned devices from personal-owned devices in the management console  Need fast and easy way to bulk enroll shared devices  Need devices to be secure at all times and within IT control IT End usersIT admins
  • 73. Service account enrollment Apple Configurator Apple Device Enrollment Program (DEP) Windows 10 provisioning profile
  • 74. Business Manager IT Apply policies School Retail StoreRestaurant Deploy policies using Intune to lock down devices so they can only run applications allowed by IT Allow multiple users to use the same device and customize device experience based on identity Deploy Device Guard policies using Intune to only allow trusted applications to run on Windows 10 devices
  • 75. Protect corporate data from virtually anywhere
  • 76. The perimeter cannot help protect data stored in the cloudAccess control to corporate data today Mobile devices PCs Web browsers AppsData
  • 77. Enterprise Mobility Suite Access control and data protection integrated natively in the apps, devices, and the cloud SharePoint Online Exchange Online
  • 78. Conditional access policies IP Range Device State Advanced Windows 10 options User Group User On-premises Cloud Corporate apps
  • 79. Windows Provable PC Health (PPCH) SharePoint Online Exchange Online User Microsoft Intune SharePoint Online Exchange Online User Microsoft Intune
  • 80. Apply and enforce device configuration settings across iOS, Android, and Windows via Intune MDM Collect hardware and software inventory data for reporting Manage settings across Windows 10 PC, phone, and IoT devices via Intune MDM – including Windows Defender (anti-malware), Firewall, and Cortana
  • 81. Windows 8.1 Windows 10 Basic management and security settings Device lockdown Comprehensive device management Phone Desktop Phone Desktop Significant investments in added functionality for both mobile and desktop devices
  • 82. Enforce corporate data access requirements Prevent data leakage on the device Enforce encryption of app data at rest App-level selective wipe
  • 83. Maximize mobile productivity and protect corporate resources with Office mobile apps – including multi-identity support Extend these capabilities to your existing line-of-business apps using the Intune App Wrapping Tool Enable secure viewing of content using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps Managed apps Personal appsPersonal apps Managed apps ITUser Corporate data Personal data Multi-identity policy
  • 84. Personal apps Managed apps Maximize productivity while preventing leakage of company data by restricting actions such as copy, cut, paste, and save as between Intune-managed apps and unmanaged apps User
  • 85. Personal apps Managed apps Perform selective wipe via self-service company portal or admin console Remove managed apps and data Keep personal apps and data intact IT IT
  • 86. Configure and manage EDP policies with Intune and Azure Rights Management Separate personal and corporate data with limited impact to employee’s day-to-day activities Protect data at rest and wherever it may roam* User Corporate network Microsoft Intune & Azure Rights Management Apply policies Save Save Share files and enforce policies File share Personal storage Secure content collaboration through integration with Azure Rights Management * Some roaming scenarios use Azure Right Management Control app access to corporate data and prevent copy and paste-related data leaks
  • 87. Microsoft Intune Microsoft Intune Azure Rights Management Device protection BitLocker Device Guard Device settings Windows Defender Data separation Leak protection Enterprise Data Protection Sharing protection Rights Management
  • 88. Containers Depends on specific DMZ infrastructure Works on- premises only SharePoint Server Exchange Server Corporate network Active Directory Firewall Firewall DMZ/ Perimeter network SDK/wrapper, managed browser, managed viewers Custom SDK/wrapper enables line-of-business apps to be managed Mobile application management Custom data container provides mobile productivity apps integrated with content and access systems Custom email app Custom file app Custom collab app Native device MDM Standard MDM provides device configuration and management
  • 89. Standard on-premises integration SharePoint Online Exchange Online Cloud integration Intune App SDK Intune App Wrapping Tool Extensibility based on Azure AD and Intune Enable business apps to interoperate with Office mobile apps SharePoint Server Exchange Server Corporate network Active Directory Firewall Firewall DMZ/ Perimeter network Managed Office productivity and moreOffice 365: Mobile productivity Azure AD: Access control to Office 365 and SaaS apps Intune: App restrictions for Office mobile and LOB apps Azure Rights Management: Information protection at the file layer Native device MDMIntune: Cross-platform MDM
  • 90. Identify and authorize user Apply device policies Apply application policies Apply content policies User IT ActiveDirectoryPremium Rights Management Enterprise Mobility Suite
  • 92. Mobile devices and PCs Mobile devices System Center Configuration Manager Domain joined PCs Configuration Manager integrated with Intune (hybrid)Intune standalone (cloud only) IT IT Intune web console Configuration Manager console
  • 93. • Always up-to-date, no need to migrate • Always available and reachable • Easy to try, adopt, and deploy • Integrates with existing on-premises infrastructure • Disaster recovery and geo-diversity • Assign your data to a region • Built from the ground up: datacenter, fabric, SaaS • Built using world-class engineering and security • Compliant and certified • Financially backed Service Level Agreements (SLAs) Intune Office 365 Azure Active Directory Azure Rights Management
  • 94. Security reports, audit reports, multi-factor authentication Self-service password reset and group management Single sign-on to over 2,400 popular SaaS applications Information protection Connection to on-premises assets Bring your own key Mobile device settings management Mobile application management with Office mobile apps Conditional access and selective wipe Active Directory Premium Rights Management
  • 95. 101
  • 96. Devices Apps Data Management. Access control. Information protection. Protect your data Enable your users User IT
  • 98. New intuitive dashboard Respond to alerts Manage software deployments Configure and deploy policies View reports Role-based management Intune web console
  • 99. Mobile devices and PCs Intune standalone (cloud only) IT Intune web console Manage and Protect • No existing infrastructure necessary • No existing Configuration Manager deployment required • Simplified policy control • Simple web-based administration console • Faster cadence of updates • Always up-to-date Devices Supported • Windows PCs (x86/64, Intel SoC) • Windows RT • Windows Phone 8.x • iOS • Android
  • 100. Mobile devices System Center Configuration Manager Domain joined PCs Configuration Manager integrated with Intune (hybrid) IT Configuration Manager console System Center 2012 R2 Configuration Manager with Microsoft Intune • Build on existing Configuration Manager deployment • Full PC management (OS deployment, endpoint protection, application delivery control, custom reporting) • Deep policy control requirements • Greater scalability • Extensible administration tools (RBA, PowerShell, SQL reporting services) • Windows RT • Windows Phone 8.x • iOS • Android Devices Supported • Windows PCs (x86/64, Intel SoC) • Windows to Go • Windows Server • Linux • Mac OS X
  • 102. Intune standalone (cloud only) Lightweight, agentless OR agent-based management PC protection from malware PC software update management Software distribution Proactive monitoring and alerts Hardware and software inventory Policies for Windows Firewall management Intune standalone (cloud only) Configuration Manager integrated with Intune (hybrid) Lightweight, agentless OR agent-based management Lightweight, agentless OR comprehensive agent-based management PC protection from malware PC protection from malware PC software update management PC software update management Software distribution Software distribution Proactive monitoring and alerts Proactive monitoring and alerts Hardware and software inventory Hardware and software inventory Policies for Windows Firewall management Policies for Windows Firewall management Operating system deployment PC, mobile device, Windows Server, Linux/Unix, Mac, and virtual desktop management Power management Custom reporting
  • 103. Comprehensive security policies are enforced on each platform Reporting available on each setting whether it is applicable, conformant or has an error Extensive configuration settings are available for each platform Policies can be applied to user and device groups User
  • 105. WiFi settings Manage and distribute certificates Provision networks Setup certificate based authentication
  • 106. ITUser Hardware properties for mobile devices are collected Company app inventory is collected Personal app inventory is not collected Reporting
  • 107. If compliant, email access is granted 7 Enrollment / compliance remediation 5 If not compliant, push device into quarantine Quarantine 4 2 Quarantine email with remediation steps Link to enroll device and compliance remediation steps Who does what? Intune: Evaluate policy compliance for device Azure AD: Authenticate user and provide device compliance status Exchange Online: Enforces access to email based on device state Attempt email connection 1 3 Azure Active Directory Set device management/ compliance status 6 Office 365 Mobile device Microsoft Intune
  • 108. 2 Attempt email connection 1 Block unmanaged device 5 Allow managed device Device enrollment4 6 If managed, email access is granted Who does what? Intune: Evaluate and manage device state Exchange Server: Provides API and infrastructure for quarantine Quarantine email with remediation steps Link to enroll device 3 If not managed, push device into quarantine Quarantine Mobile device Microsoft Intune On-premises Exchange server
  • 109. Platform Desktop Apps (.msi, .exe) * Modern App Types Managed Store app Side loading Deep Links Web apps.app .app .ipa .apk Windows 8.1/10 ● ● ● ● Windows RT ● ● ● iOS ● ● ● ● Android ● ● ● ● Windows Phone ● ● ● Windows 7 and below ● ●
  • 110. Category Feature Exchange ActiveSync MDM for Office 365 Microsoft Intune (cloud only) Intune + ConfigMgr (hybrid) Device configuration Inventory mobile devices that access corporate applications ● ● ● ● Remote factory reset (full device wipe) ● ● ● ● Mobile device configuration settings (PIN length, PIN required, lock time, etc.) ● ● ● ● Self-service password reset (Office 365 cloud only users) ● ● ● ● Office365 Provides reporting on devices that do not meet IT policy ● ● ● Group-based policies and reporting (ability to use groups for targeted device configuration) ● ● ● Root and jailbreak detection ● ● ● Remove Office 365 app data from mobile devices while leaving personal data and apps intact (selective wipe) ● ● ● Prevent access to corporate email and documents based upon device enrollment and compliance policies ● ● ● Premium mobiledevice& appmanagement Self-service Company Portal for users to enroll their own devices and install corporate apps ● ● App deployment (Windows Phone, iOS, Android) ● ● Deploy certificates, VPN profiles (including app-specific profiles), email profiles, and Wi-Fi profiles ● ● Prevent cut/copy/paste/save as of data from corporate apps to personal apps (mobile application management) ● ● Secure content viewing via Managed Browser, PDF Viewer, Image Viewer, and AV Player apps for Intune ● ● Remote device lock via self-service Company Portal and via admin console ● ● PC management Client PC management (e.g. Windows 8.1, inventory, antimalware, patch, policies, etc.) ● ● PC software management ● ● Comprehensive PC management (e.g. Group Policy, login scripts, BitLocker management, virtual desktop and power management, custom reporting, etc.) ● Windows Server/Linux/UNIX/Mac OS X support ● OS deployment and imaging ●
  • 111.
  • 112.
  • 113.
  • 114.
  • 115.
  • 116.
  • 117.
  • 118.
  • 119.
  • 120.
  • 121.
  • 122.
  • 123.
  • 124.
  • 125.
  • 126. 4. Informatie beveiligen met Azure Rights Management
  • 128.
  • 129.
  • 130. 87% of senior managers admit to regularly uploading work files to a personal email or cloud account.* 87% 58% have accidentally sent sensitive information to the wrong person.* 58% >80% focus on data leak prevention for personal devices, but ignore the issue on corporate owned devices where the risks are the same ??%
  • 133. The traditional perimeter is rapidly eroding IT needs continuous data protection that works across ‘classic boundaries’ Consumerization of IT Users need access, from any device Externalization of IT Applications are on-premises and in the cloud More data, stored in more places Dispersed enterprise data needs protection Social Enterprise Data is shared between people and applications
  • 134.
  • 135.
  • 137.
  • 138. 1. Document author attempts to protect a document 3. Author protects the document 4. Author distributes the document to another user 5. User contacts the information protection platform, is authenticated, and receives a use license 2. Author obtains the certificates necessary to participate in the information protection platform
  • 139. Galactic Empire Confidential – You cannot copy, print or export this information in unprotected form to droids of any class. User Certificates User License Galactic Empire Confidential – You cannot copy, print or export this information in unprotected form to droids of any class. Publishing License and Keys
  • 140. File share, email server or document library Authorized Users Business network Authorized Users Unauthorized Users Can’t forward Use Licenses Unauthorized Users No License AD RMS Server
  • 141.
  • 143.
  • 146.
  • 150.
  • 153.
  • 154.
  • 155.
  • 156.
  • 157. 5. Hoe de mogelijkheden en toepasbaarheid van EMS voor uw organisatie verder te onderzoeken?
  • 158. Iedereen een tenant! • Tenant? Wat is een tenant? • Nieuwe? Bestaande? • Log even in met een “In-Private” browser sessie. • Stuur nu een email naar berry.schreuder@breinwave.nl met als onderwerp: • “EMSTRIAL” en je krijgt een uitnodging terug voor: • 100 licenses Enterprise Security + Mobility E3 • Gedelegeerd beheer voor Breinwave (mag je ook weigeren) • Je kunt dit aktiveren in je bestaande tenant, maar denk goed na of je dat wilt • De TRIAL duurt 30-dagen
  • 159. Evaluatie • https:// • Of op een mapje op je Bureaublad. • Eerder mag je niet naar huis