Published by Τρυφωσα Κομνηνός. Modified over 5 years ago.
1
Microsoft 365 Business Technical Fundamentals Series
Welcome to the Microsoft 365 Business Technical Fundamentals Series.
2
Cloud Identity
In this module we will be talking about cloud-based identity, which can be used alongside or instead of on-premises Active Directory, depending on your current and future requirements.
3
Azure Active Directory Overview
Azure Active Directory is Microsoft’s cloud identity solution, and we can start by looking at the size of Azure Active Directory before we start looking more closely at individual capabilities.
4
Azure Active Directory in the Marketplace
— Every Office 365 and Microsoft Azure customer uses Azure Active Directory —
Organizations: 14.2 M; identities: 1.01B; 3rd party apps in Azure AD: 334 K; paid Azure AD / EMS customers: 64 K; Fortune 500 companies that use Azure AD: 90 %
+30% YoY, +35% YoY, +150% YoY, +65% YoY
Capabilities shown on the slide: Governance; Access Reviews; HR App Integration; MDM-auto enrollment / Enterprise State Roaming; Microsoft Authenticator - Password-less Access; Self-Service capabilities; SSO to SaaS; Azure AD B2C; B2B collaboration; Security Reporting; Azure AD Join; Dynamic Groups; Remote Access to on-premises apps; Addition of custom cloud apps; Conditional Access; Multi-Factor Authentication; Identity Protection; Privileged Identity Management; Connect Health; Azure AD DS; Azure AD Connect; Access Panel/MyApps; Office 365 App Launcher; Group-Based Licensing; Provisioning-Deprovisioning
Some of the important talking points here are the sheer scale of Azure Active Directory: it hosts over a billion identities for over 14 million organisations. Every Office 365, Microsoft 365 and Azure customer already uses Azure Active Directory.
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
5
Azure Active Directory
— Identity and access management for employees, partners, and customers —
Capabilities shown on the slide: B2B collaboration; Provisioning-Deprovisioning; Addition of custom cloud apps; Access Panel/MyApps; Dynamic Groups; Identity Protection; Self-Service capabilities; Connect Health; Remote Access to on-premises apps; Azure AD B2C; Group-Based Licensing; Privileged Identity Management; Azure AD Connect; Conditional Access; Microsoft Authenticator - Password-less Access; Azure AD Join; MDM-auto enrollment / Enterprise State Roaming; Security Reporting; SSO to SaaS; Multi-Factor Authentication; Azure AD DS; Office 365 App Launcher; HR App Integration; Access Reviews
Azure Active Directory offers an ever-expanding set of capabilities, based on the requirements of the customer and what they are licensed to use. What we will be doing in this video is discussing the Azure Active Directory capabilities that Microsoft 365 Business includes, and comparing them to the Azure Active Directory capabilities in Office 365 and Azure Active Directory Premium. Not all of the capabilities listed on this slide are included with Microsoft 365 Business; instead, this slide is to help provide an understanding of how broad a service it is. Let’s start by looking at some of the top-level capabilities that are included.
6
Azure Active Directory Join for Windows 10
Azure Active Directory Join makes it possible to connect work-owned Windows 10 devices to your company’s Azure Active Directory
Diagram labels: Apps in Azure; Third-party apps and clouds; Azure Active Directory; Enterprise-compliant services; Enterprise State Roaming; SSO from the desktop to cloud and on-premises applications with no VPN; Intune/MDM auto-enrollment; MDM auto-enrollment; Support for hybrid environments; Windows 10 Azure AD joined devices; On-premises apps
A big part of the Microsoft 365 Business story is the ability to move to a purely cloud-based management solution over time, and this includes moving Windows away from Group Policy towards mobile device management delivered by Microsoft Intune. When we do this, we enable single sign-on capabilities to cloud services, while still being able to access on-premises resources.
7
Azure AD B2B collaboration
Diagram labels: Other organizations; Assign B2B users access to any app or service your organization owns; SharePoint Online & Office 365 apps; Add B2B users with accounts in other Azure AD organizations; Microsoft Azure Active Directory; On-premises; Other Identity Providers*; Microsoft Account; Add B2B users with MSA or other Identity Provider accounts
We can also use Azure Active Directory as the fabric to work across organisations, using a single identity. This could be for IT administration purposes, or it could be used for online collaboration using capabilities of Office 365 such as Microsoft Teams.
8
Self service password reset
Resolving password issues for users is one of the largest IT costs
Self-service password reset empowers users and reduces administration costs
Cloud-based password resets, using a variety of multi-factor authentication options, help to take the pain out of forgotten passwords and password resets.
9
Microsoft Authenticator
[Screenshot: Microsoft Authenticator sign-in prompt ("Making sure it’s you"), Contoso]
MFA for enterprise and consumer accounts and applications
Device registration (workplace join)
Single sign-on to native mobile apps
Certificate-based SSO
Coming Soon: Passwordless sign on to devices, apps, and web services
One of the recommendations we make when deploying Microsoft 365 Business and enabling multi-factor authentication is to use the Microsoft Authenticator app, which is available for Android and iOS, to improve the security of sign-ins. Authenticator can be used across a variety of online services, not just Microsoft 365, including both commercial and consumer applications.
10
Pre-integrated SaaS apps in the application gallery
App logos shown on the slide: SLACK GITHUB ADOBE CREATIVE CLOUD SAP HANA CLOUD PLATFORM IA ATLASSIAN CLOUD SEDGEWICK VIAONE FUZE ZSCALER PRIVATE ACCESS ONETEAM JOBSCORE EVERNOTE SAP BUSINESS OBJECTS WORKDAY WORKPLACE BY FACEBOOK SALESFORCE SERVICENOW CONCUR BOX SMARTSHEET DROPBOX FOR BUSINESS CITRIX XENAPP F5 BIG-IP ADC PLANMYLEAVE AZURE BLOCKCHAIN SERVICE ORACLE LINUX HORTONWORKS RED HAT ENTERPRISE LINUX 7 WORDPRESS MULTI-TIER LAMP KRONOS BARRACUDA WAF GOOGLE AMAZON WEB SERVICES OCTOPUS DEPLOY NGINX Plus CHECK POINT VSEC SUCCESSFACTORS DOCUSIGN AMERICAN EXPRESS TWITTER
As of the time of this video being recorded there are close to 3000 SaaS apps available in the Azure Active Directory application gallery. This helps to extend single sign-on out to the different SaaS apps that may be in use, helping to eliminate the multiple usernames and passwords that many users need for their day-to-day work life.
11
Azure Active Directory in Microsoft 365 Business
Table on the slide (cell values only partly preserved): Identity and Access Management Features Office 365 Business Premium Microsoft 365 Business Azure Active Directory Premium P1 Self-service password reset for cloud identities Yes Company branding (logon pages/access panel customization) SLA 99.9% Single Sign On (SSO) for > 10 apps No Multi-Factor Authentication (MFA) Enterprise State Roaming for Windows 10 with Azure AD join
A subset of the details from the Microsoft 365 Business service description technet.microsoft.com/en-us/library/mt aspx
Over the next two slides we will first of all look at the capabilities that Microsoft 365 Business adds over Office 365 Business Premium, and then we will switch gears and look at how it compares to Azure Active Directory Premium P1, which is available standalone, as part of Enterprise Mobility + Security, or as part of the Microsoft 365 Enterprise offerings.
The first difference is that we can integrate more than 10 SaaS apps per user, making it a better option for organisations with a strong reliance on different SaaS offerings. The second difference is that MFA support is enabled for non-Office 365 apps, bringing stronger security options to the conversation. The third difference is that we can use Enterprise State Roaming to get settings synchronisation across devices. Generally it’s a good idea to go to the service descriptions to check what changes have taken place since this video was recorded, and as mentioned, this is not an exhaustive list.
12
Azure Active Directory in Microsoft 365 Business
Table on the slide (cell values only partly preserved): Identity and Access Management Features Office 365 Business Premium Microsoft 365 Business Azure Active Directory Premium P1 Administrative Units No Yes Cloud app discovery Dynamic Groups Self-service password reset with on-premises AD write-back Device objects two-way synchronization between on-premises directories and Azure AD (device write-back) Conditional access Application proxy Connect Health
A subset of the details from the Microsoft 365 Business service description technet.microsoft.com/en-us/library/mt aspx
This slide focuses on the AAD Premium P1 features that aren’t part of Microsoft 365 Business. Rather than going through all of them, let’s focus on a couple of the ones that we get asked about the most.
Dynamic Groups can be created based on the objects in the directory matching the conditions you specify. Targeting different licenses based on the user’s department, or creating a device group for targeting particular MDM policies, are a few of the examples that come to mind.
Self-service password reset with on-premises AD write-back is the ability to perform self-service password resets in Azure Active Directory, like we mentioned in the previous slide, but in this case also having the ability to write the password back to on-premises Active Directory.
Conditional access allows granular rules to be built around changing the user sign-in experience based on a set of conditions including group membership and location. Recently there was a baseline policy option added for admins to require MFA, which is included with all tiers of Azure Active Directory, including what we get with Microsoft 365 Business.
13
Demonstration Azure Active Directory user management
For this demonstration, we will start in the Microsoft 365 Business admin center, and use that as the launchpad to access additional Azure Active Directory capabilities of Microsoft 365 Business. To access Azure Active Directory we click on the Admin center icon at the bottom, and then select Azure Active Directory. We end up in what is effectively a curated view of the Azure portal, only exposing AAD functionality. If we click on Azure Active Directory in the favourites list
14
Thank you.