Go mobile. Stay in control. Craig Morris EMPOWER ENTERPRISE MOBILITY
Mobile-first, cloud-first reality Exploited credentials More than 75 percent of network intrusions exploit weak or stolen credentials. 75% 15% Mobile security governance By the end of 2015 only 15 percent of large organizations will have adequate mobile security governance for process and policy. Viral unsanctioned IT More than 80 percent of employees admit to using non-approved software as a service (SaaS) applications in their jobs. 80%
Is it possible to keep up? Employees Business partners Customers Is it possible to stay secure? Apps Devices Data Users Data leaks Lost device Compromised identity Stolen credentials
Is it possible to keep up? EmployeesBusiness partnersCustomers The Microsoft vision Access everything from everywhere Manage and secure productivity ( + apps) Integrate with what you have Apps Devices Data Users
Access to everything from everywhere Secure users, devices, apps, and data Preserve invesments and move to cloud Customers need Integrated, secure identity It protects Office better It just works Microsoft solution EMPOWER ENTERPRISE MOBILITY Identity-driven security Comprehensive solution Managed mobile productivity
Identity-driven security Comprehensive solution Managed mobile productivity EMPOWER ENTERPRISE MOBILITY
Identity-driven Security Exploited credentials 75%
One common identity Simplify management Improve security IDENTITY-DRIVEN SECURITY
Self-service capabilities Password reset Group membership MyApps portal Manage everything Dynamic groups Provisioning B2B collaboration Single sign-on Easy connection to existing assets Unified experience across user devices
IDENTITY-DRIVEN SECURITY Guard apps Conditional access Secure remote access Intelligent analysis Machine learning Security reports User behavior analysis Protect users Multi-factor authentication Leaked credentials reporting
Enterprise Mobility +Security Protect your users, devices, and apps AZURE RIGHTS MANAGEMENT & SECURE ISLANDS Detect problems early with visibility and threat analytics Advanced Threat Analytics MICROSOFT INTUNE Protect your data, everywhere AZURE ACTIVE DIRECTORY IDENTITY PROTECTION Extend enterprise-grade security to your cloud and SaaS apps Protect application access from identity attacks MICROSOFT CLOUD APP SECURITY IDENTITY-DRIVEN SECURITY
ATA Devices and servers Behavior al analytics Forensics for known attacks and issues Advanced Threat Analytics Profile normal entity behavior (normal versus abnormal) Search for known security attacks and issues Detect suspicious user activities, known attacks, and issues SIEM Active Directory
Security-as-a-service extending visibility and control to cloud apps Comprehensive and proven protection Based on Adallom acquisition Committed to support third-party apps
Identity-driven security Conditional access to all apps, resources, and self-service tools
Identity-driven security Comprehensive solution Managed mobile productivity EMPOWER ENTERPRISE MOBILITY
Managed mobile productivity Unsecured apps 80%
Manage and secure devices Office mobile apps Data-level protection MANAGED MOBILE PRODUCTIVITY
Conditional access Compliance enforcement Multi-identity support Access management Mobile app management (w & w/o a device enrollment) File and data encryption Built-in security Office mobile apps Familiar and trusted Gold standard
Conditional Access Application Per app policy Type of client (Web Rich, mobile) Cloud and On-premises applications User attributes User identity Group memberships Authentication strength Devices Are managed or domain- joined Are compliant Platform type (Windows, iOS, Android) Other Location (IP Range) Risk profile ENFORCE MFA ALLOW BLOCK MANAGED MOBILE PRODUCTIVITY
Managed apps Personal apps Managed apps Corporate data Personal data Multi-identity policy Personal apps Managed apps Copy Paste Save Save to personal storage Paste to personal app attachment
MANAGED MOBILE PRODUCTIVITY Integrated use Works across all platforms Free content consumption Consistent user experience Integrate into common apps and services Persistent protection Storage-independent Permit all companies to authenticate Enforce authorization policies Tracking and compliance Powerful logging and reporting Use/abuse tracking Kill documents remotely IT can reason over data
COMPREHENSIVE SOLUTION Any device/ any platform Data-level encryption All file types LOB app protection ProtectShareTrack and revoke External user ******* Internal user ******* Timeline view Map view Access and denials
MANAGED MOBILE PRODUCTIVITY Centralized, secure data No local access or storage Apps and data stay in the cloud No app rewriting Deliver apps as is O365 integration Simplified updates Simplified scaling Scale to seasonal need Cloud flexibility File and data encryption
Managed mobile productivity Protected mobile users, devices, apps, and data— everywhere
Identity-driven security Comprehensive solution Managed mobile productivity EMPOWER ENTERPRISE MOBILITY
Comprehensive solution Minimum dedicated budget expected for EMM by %
COMPREHENSIVE SOLUTION Easy to maintain Integrates with what you have Saves you money
Always up to date Real-time updates Keep up with new apps and devices Works with what you have Support multiple platforms Use existing investments Simple to set up and connect Easy, secure connections Simplified management COMPREHENSIVE SOLUTION
Microsoft EMSOther vendors Identity and access management Included$8 1 Mobile device and application management Included$10 2 Data protectionIncludedNo similar products Advanced threat detectionIncludedNo similar products Total cost (per user/month) Microsoft EMS $ Other vendors $18 COMPREHENSIVE SOLUTION
Comprehensive solution Stay secure and cut your budget in half Spend up to 50 percent less than buying standalone solutions from other vendors COMPREHENSIVE SOLUTION
EMPOWER ENTERPRISE MOBILITY Identity-based security for greater control and visibility. Identity-driven security Manage your mobile and on-premises environment across devices and operating systems. Comprehensive solution Encourage secure work habits by providing the best apps with built-in security. Managed mobile productivity
Microsoft enterprise mobility solutions Identity and access management Azure Active Directory Single sign-on to 1000s of cloud and on- premises applications. Identity protection with notifications, analysis, recommended remediation, and risk- based conditional access. Mobile device and app management Microsoft Intune Leverage mobile device management and mobile app management to protect corporate apps and data on almost any device. Information protection Azure Rights Management Encryption, identity, and authorization to secure corporate files and across phones, tablets, and PCs. Cloud and SaaS app security Microsoft Cloud App Security Bring enterprise-grade visibility, control, and protection to your cloud applications. User and entity behavioral analytics Microsoft Advanced Threat Analytics Identify suspicious activities and advanced attacks that target your on-premises platform. Quickly focus on what is most important with clear, actionable reporting. Enterprise Mobility Suite
Integrated solutions across your enterprise OFFICE 365 ENTERPRISE MOBILITY SUITE WINDOWS ++
Enterprise Mobility Suite Mobile device and app management Information protection Basic identity mgmt. via Azure AD for O365: Single sign-on for O365 Basic multi-factor authentication (MFA) for O365 Basic mobile device management via MDM for O365 Device settings management Selective wipe Built into O365 management console RMS protection via RMS for O365 Protection for content stored in Office (on-premises or O365) Access to RMS SDK Bring your own key Azure AD for O365+ Single sign-on for all cloud apps Advanced MFA for all workloads Self-service group management and password reset with write back to on-premises directory Advanced security reports FIM (Server + CAL) MDM for O365+ PC management Mobile app management (prevent cut/copy/paste/save as from corporate apps to personal apps) Secure content viewers Certificate provisioning System Center integration RMS for O365+ Protection for on-premises Windows Server file shares notifications when sharing documents notifications when shared documents are forwarded Identity and Access Management
Windows 10 Enterprise Mobility Suite Single sign-on for business cloud apps Device setup and registration for Windows devices Windows Store for Business Traditional domain join manageability Manageability via MDM and MAM Encryption for data at rest and generated on device Encryption for data included in roaming settings Conditional access policies for enhanced single sign-on security MDM auto-enrollment Self-service group and application management Password reset with write back to on-premises directory Cloud-based advanced security reports Microsoft Identity Manager Mobile device management Mobile app management Secure content viewer Certificate, Wi-Fi, VPN, profile provisioning Agent-based management of Windows devices (domain-joined via ConfigMgr and internet-based via Intune) Tracking and notifications for shared documents Protection for content stored in Office and Office 365 Protection for on-premises Windows Server file shares Behavioral analytics for advanced threat detection Detection for known malicious attacks and security issues Mobile device and app management Information protection Identity and Access Management