Microsoft Enterprise Mobility Suite March 25, 2015 Colm Whelan VP of Cloud Solutions cwhelan@lighthousecs.com @colmw https://www.linkedin.com/in/colmwhelan Lighthouse Computer Services, All rights reserved
Colm Whelan, Vice President, Cloud Solutions. Cloud advocate and driver. Business solutions consultant with over 100 Microsoft Cloud implementations under his belt. Full-time on the cloud platform since 2009. Microsoft Azure, Microsoft Office 365, third-party integration and cloud best practices. Leads customers in the positioning, demonstration, design and implementation of Microsoft solutions. Colm is from Ireland, where he worked for Microsoft, and has lived in the Northeast US for 12 years.
Lighthouse Computer Services. Full spectrum of services, including assessments, designs, deployments and management. Complementary practices allow us to architect integrated IT solutions. Expert pre- and post-sales services staff with over 200 industry certifications. Expert project management skills. http://linkedin.com/company/lighthouse-computer-services @lighthousecs
Mobility is the new normal. 66% of employees use personal devices for work purposes.* 18% of all software spending will be SaaS delivery by 2017.** 33% of employees that typically work on employer premises frequently work away from their desks.*** *CEB, The Future of Corporate IT: 2013-2017, 2013. **IDC, Worldwide SaaS and Cloud Software 2013-2017 Forecast and 2012 Vendor Shares, December 2013. ***CEB, IT Impact Report: Five Key Findings on Driving Employee Productivity, Q1 2014.
What's driving change? User Devices Apps Data IT
Considerations: Are you currently using third-party SaaS apps like Workday, Salesforce, Box, Citrix, etc.? How are you managing your desktops today? Is your organization looking to implement, or already implementing, a BYOD strategy? Are you struggling with the number of devices needing to be managed in your environment? Are you concerned about data protection on mobile devices? Are you looking for a two-factor authentication solution?
Single Identity Mobile Device & App Management Enterprise Mobility Suite Rights Management
One user, one identity, everywhere Desktop virtualization Single sign-on Rights Management Hybrid identity Self-service experiences Common identity Mobile device & application management Conditional access SaaS applications
Challenge: Identity (Hybrid Identity). Empower users with self-service and single sign-on experiences, while creating consistent identities and protecting access to corporate data. User pain points: Users want access to corporate applications and data from any location across multiple devices. Users want to be able to use a single set of credentials with a consistent identity across devices, applications and services. Users want self-service capabilities to be able to work autonomously without the need to engage with IT. IT pain points: It's complex to manage the identity of users and their relationships with the corporate resources they access in private and public clouds. IT needs to reduce the cost of helpdesk calls related to users forgetting their passwords. IT needs to ensure that users are only connecting to resources and information they have permission to access.
Windows Server Active Directory Other Directories Simple connection Self-service Single sign on Username Azure Public cloud SaaS Office 365 On-premises Azure Active Directory Cloud
User's identity User IT
Cloud User's identity User IT Username? Too many passwords On-premises
Cloud User's identity User IT Username? New app Too many passwords On-premises Identity layer
Cloud User's identity User IT Username Common identity On-premises Single sign-on
Cloud User's identity User IT Username? Forgot your password? On-premises Self-service experiences
Cloud User's identity User New device! Policy control SaaS discovery IT SaaS applications On-premises Conditional access
Cloud User's identity User IT Self-service password reset On-premises Security reports
myapps.microsoft.com Single sign-on Group management Username Username Password reset Manage your account and profile
Device choice, simplified management Desktop virtualization Consistent user experience Rights Management Hybrid identity Simplified device enrollment and registration Single console to manage devices Mobile device & application management
Challenge: Mobile device and application management (MDM). Give users access to workplace applications, data, and resources from almost any device from virtually anywhere, while ensuring devices are compliant. User pain points: Users want to work from their preferred device(s) with access to both personal and professional applications, data, and resources. Users want a consistent experience across all the devices they use. IT pain points: IT needs to be able to deploy and manage applications on end-user devices. Security and compliance must be maintained while still accommodating device requests. IT needs to efficiently apply policies and settings across all devices. IT needs an efficient means of locking, retiring, or wiping devices.
Mobile device management Mobile application management PC management Microsoft Intune Intune helps organizations provide their employees with access to corporate applications, data, and resources from virtually anywhere on almost any device, while helping to keep corporate information secure.
Company Portal User Device enrolled Recommended apps for User's devices IT Apply policy
Company Portal User Are you sure you want to wipe corporate data and application from User's iPhone? IT Yes No
Right info, right person, right device Desktop virtualization Dynamic Access Control Rights Management Hybrid identity Rights management Secure access to work files Mobile device & application management
Challenge: Rights Management (Access and Information Protection). Protect company information by centralizing data, classifying information and controlling access to the datacenter. User pain points: Users working from personal devices still need to access sensitive information, sometimes locally. IT pain points: Significant amounts of corporate data can only be found locally on user devices. IT must be able to define classification of data based on content and not just location. IT must be able to meet security and regulatory compliance standards across all devices.
User IT Read-only Editing Print Forward
Conclusions Azure AD Premium enables: Self-service password reset for your people, to reduce helpdesk calls Multi-factor authentication options for greater security Group-based provisioning and single sign on for over 1000 SaaS apps Machine learning-driven security reports for visibility and threat management Robust sync capabilities across cloud and on-premises directories
Conclusions Microsoft Intune enables: Mobile application management across devices. Broad device support for Windows, Windows Phone, Apple iOS, and Android devices. Selective wipe of apps and data for greater security. Conditional access. Hardware, software and licensing inventory.
Conclusions Azure Rights Management: Brings Office 365 Rights Management Services capabilities to your on-premises content sources (file servers, Exchange, SharePoint, etc.). Granular policy-based settings to protect content. User/group restrictions and federated scenarios. Time restrictions through expiration controls. View controls restricting printing, screen captures and copying. Restrictions on forwarding or replying all to messages.
Compared to Office 365? Areas compared: Cloud and hybrid identity management; Mobile device management; Information protection.
Enterprise Mobility Suite:
Cloud and hybrid identity management: Azure AD for O365 + Single sign-on for all cloud apps; Advanced MFA for all workloads; Self-service group management and password reset with write-back to on-prem directory; Advanced security reports; FIM (Server + CAL).
Mobile device management: MDM for O365 + PC management; Mobile app management (prevent cut/copy/paste/save as from corporate apps to personal apps); Secure content viewers; Certificate provisioning; System Center integration; Compliance policies; Conditional access.
Information protection: RMS for O365 + Protection for on-premises Windows Server file shares; Departmental templates; Email notifications when sharing documents; Email notifications when shared documents are forwarded.
Office integration; Managed browser, PDF, Email.
Office 365:
Basic identity management via Azure AD for O365: Single sign-on for O365; Basic multifactor authentication (MFA) for O365; Basic branding.
Basic mobile device management via MDM for O365: Device settings management; Selective wipe; Built into O365 management console.
RMS protection via RMS for O365: Protection for content stored in Office (on-prem or O365); Access to RMS SDK; Bring your own key.
Pricing
Next Steps
Upcoming Events: Microsoft Experience Center, 4/24, Cambridge, MA; Webinar: Power BI; Webinar: Intune Deep Dive; Webinar: AD Premium Deep Dive; Webinar: AD RMS Deep Dive
Engage Lighthouse
Q & A