Andrej Zdravkovic Regional Vice President, Platform Solutions Intellinet
Platforms Operations Process Productivity Alignment Marketplace What We Do Business Transformation Through Strategic. Technology-Enabled. Business Solutions. Strategy Maps & Balanced Scorecards (Corp, HR, Fin, Sales, Ops) Project Management Office (PMO) (KPI Alignment, Prioritization) Enterprise Mobile Strategy (Dev, Security, Integration) IT Strategy Roadmaps (Integrated Tech, Process & Change Mgmt Workstreams) Process Frameworks (Software Selection, M&A, Voice of Cust, Innovation Management) Application Portfolio Management (Topology, ALM, Methodology) Digital Marketing Strategy (Customer Engagement Strategy) IT Business Foundations (ITSM, Service Desk, Centers of Excellence) Cloud & Data Center Strategy (Security, Integration) Program Execution Program & Project Management Business Analysis & Alignment Quality Assurance Corporate Communications Organizational Change Management Mobile Application Development ERP & CRM Systems Server Platform Cloud Systems Management Social Collaboration & Workflows Business Intelligence & Data New Product & Service Ideation Sales Enablement & Automation Custom Solutions Digital Marketing & Websites HR Process & Employee Self-Service Legal & Compliance Customer Segmentation & Analytics Customer Self-Service Financial & Operational Analytics
The challenges we face today in keeping users productive while protecting company information
Mobility is the New Normal 52% 90% >80% 52% of information workers across 17 countries report using three or more devices for work* 90% of enterprises will have two or more mobile operating systems to support in 2017** * Forrester Research: BT Futures Report: Info workers will erase boundary between enterprise & consumer technologies, Feb. 21, 2013 ** Gartner Source: Press Release, Oct. 25, 2012, http://www.gartner.com/newsroom/id/2213115 *** http://www.computing.co.uk/ctg/news/2321750/more-than-80-per-cent-of-employees-use-non-approved-saas-apps-report >80% of employees admit to using nonapproved software-as-aservice (SaaS) applications in their jobs***
Traditional access control to corporate data CORPORATE NETWORK DMZ INTERNET Active Directory Mobile devices Exchange Server SharePoint Server Policies Filter EAS Filter web access Filter or block mobile app access Block unmanaged devices Prevent downloads Force multi-factor authentication Require domain joined Force traffic via proxy/vpn PCs Browsers
The current reality
Protecting data in a mobile first, cloud first world CORPORATE NETWORK DMZ INTERNET Active Directory Challenge The perimeter can not help protect data Mobile devices PCs Solution SaaS Apps Browsers Access control and data containment integrated natively in the apps, devices, and the cloud. Exchange Server SharePoin t Server
Firewall Firewall Data protection with EMS Extensibility: Enable business apps to interoperate with Office Mobile O365: Mobile productivity Azure AD: Identity and Access control to O365, SaaS apps and on prem apps. Intune: Data container for Office mobile apps Azure RMS: Information protection at file level Intune App SDK/Tool AD Authentication library SharePoint Online Managed Office productivity and security Perimeter network SaaS Apps CORPORATE NETWORK Intune: Mobile device management Native device MDM Active Directory Exchange Server SharePoint Server
Introducing Conditional Access Control User attributes User identity Group memberships Auth strength (MFA) Devices Authenticated MDM Managed Compliant with policies Not lost/stolen Application Business sensitivity Conditional access control Other Network Location Risk profile On-Premises applications
Azure Active Directory Overview and Demo
Hybrid Identity User User Unify your environment Create a centralized identity across on-premises and cloud Use identity federation to maintain centralized authentication and securely share and collaborate with external users and businesses Enable users Provide users with self-service experiences to keep them productive Enable single sign-on for users across all the resources they need access to Protect your data Enforce strong authentication when users access resources and apply conditional access controls to sensitive company information Configure single sign-on across all company applications Ensure compliance with governance, attestation and reporting
Public Identity as the Control Point
Conditional access to Azure AD connected applications 2500+ applications preconfigured in Azure AD. Secure access with: Per-app MFA Per-app MFA from extranet Block extranet Target specific groups of users or exclude specific groups of users Targeting can be standard groups or dynamic groups in Azure AD
Microsoft Intune Overview and Demo
Mobile Device Management with Intune Direct management (Windows RT, Windows Phone 8.x, ios, Android) EAS based management
Managing Office Mobile Apps with Intune Personal Corporate Office 365 and Intune protect data on mobile devices without sacrificing user productivity Secure Collaboration IT can set and manage policy around how data is shared with managed and non-managed apps In addition to Office mobile apps for ios and Android, Intune will support management of LOB ios and Android apps Rich Office Experience Give users familiar, full-featured Office applications Maintain document formatting across platforms Securely store, sync, and share content via OneDrive for Business
Mobile Device Settings in Microsoft Intune
Azure Rights Management Service Overview
Protect data with rights management RMS SDKs on popular mobile platforms including Windows, ios, Android, Windows Phone and Mac OS Azure RMS provides the Rights Management capabilities for Office 365, providing easy enablement and enforcement of information protection policies Connect to Windows Server File Services for FCI and DAC integration Automatically identify and classify data based on content with automatic encryption Leverage a common identity across Active Directory and Azure Active Directory More securely share documents with colleagues and business partners Connect to on-premises Exchange and SharePoint for the simplest way to get Rights Management running in your organization
Protecting Files Locally
Sharing Protected Files
RMS Integration with SharePoint Online
RMS Document Tracking Portal.azureRMS.com
Road ahead Desktop Conditional access Restrict Outlook 2013/OneDrive PC apps to sync only from Domain joined PCs or Intranet locations Browser access to O365 services Restrict OWA/SP access to only Intune managed/compliant mobile devices or domain joined PCs Mac support Restrict Outlook on Mac to sync only from Intune managed and compliant devices. Windows 10 management Enhanced access control and data protection
Security and Access control: Architecture matters Azure AD Identity and Access Office 365 Productivity Intune Device & App Management Always up to date Continuous feature upgrades Always available and reachable Easy to adopt and deploy Easy to try and buy Designed to work together Built from the ground up: Datacenter, Fabric, SaaS Built using world class engineering & security Compliant and certified Financially backed Service Level Agreements
Enterprise Mobility Suite EMS Enables Customers with: Group management & security / audit reports Self Service Password Reset & Multi-Factor Authentication Connection between AD / Azure AD Mobile device settings management Mobile app management Selective wipe Information protection Connection to on-premises assets
Q&A
Intellinet Jumpstart Offer Intellinet s Enterprise Mobility Suite (EMS) Proof of Concept (POC) will help you to evaluate (in a lab environment) the features and benefits of Enterprise Mobility Suite. The POC focuses on Hybrid identity management Mobile device management Data protection Enterprise Mobility Suite Proof of Concept Duration: 2-15 Days *As a Microsoft Software Assurance customer, you may qualify to use Planning Services days to fund part or all of this engagement based on your license agreements
Intellinet Jumpstart Offer Intune Proof of Concept Intellinet s Intune Proof of Concept (POC) will help you to: Address the challenges in managing a highly mobile or distributed workforce Manage non-domain joined devices such as tablets and smartphones Understand the business benefits of remotely managing and securing computers Centrally deliver applications, updates and patches centrally and ensure compliance Duration: 4 Days *As a Microsoft Software Assurance customer, you may qualify to use Planning Services days to fund part or all of this engagement based on your license agreements
Thank you! Please Stay in Your Seats: Wrap-up & Raffle Will Begin Shortly