Learn how EMS solves common challenges and get a high-level introduction to the components of EMS and the licensing vehicles.
- [Instructor] Microsoft's solution to meeting these requirements that we talked about in the cloud is the Enterprise Mobility and Security Suite. EMS includes a number of different components, and we're going to walk through all those components in this course. That includes Azure Active Directory Premium, which enables you to create a hybrid identity management solution that takes your on-premises identities and your on-premises Active Directory domain and bridges those to the cloud so you can extend those identities as a control point to all the different cloud applications that you want to use. Those could be first-party cloud applications from Microsoft like Office 365, or they can be third-party applications from any number of vendors that can integrate with Azure Active Directory.
Microsoft Intune works with Azure Active Directory to provide mobile device management and mobile application management. So now your users can work from practically any device, and you can enforce the controls you need, either on their device or just on the applications and the data that they're accessing in those applications, so you can be sure that you know where that data is, and that you have control over it. But at the same time, you can make sure that if it's their personal device, you're not taking an unnecessary level of control over that device.
Azure Information Protection is all about classifying and protecting your data. Now we can take data, no matter where it is, we can enable end users to apply classifications like whether it's confidential or secret, or it includes personally identifiable information, and based on those classifications, we can take action to encrypt that data and make sure that only certain people that we define have access to that data, and those that don't, won't be able to open the file. What this means is that now, even if a file is on an unmanaged device, or is placed in a location that we wouldn't ordinarily allow, because the file is encrypted, nobody has access to it other than those that are supposed to.
Because on-premises Active Directory is still the source of authority for Azure Active Directory, and all of our cloud identities, it's incredibly important that we make sure that it's safe, secure, and reliable, and Advanced Threat Analytics is an on-premises component of Enterprise Mobility and Security Suite that allows us to detect potential attackers, bad behaviors, suspicious behaviors, and persistent threats before they become a problem. Advanced Threat Analytics analyzes all the behaviors of all your users and computers in your Active Directory, and it's able to boil that down into a report of what's going on and whether or not something suspicious is going on that you need to investigate.
And finally, because it's so easy for people to purchase cloud services, to set them up and not even need to involve IT, Cloud App Security lets us combine information about approved cloud services that we expect users to be using, as well as discovering cloud applications that people are potentially using without IT's knowledge. Based on that data, we can place those services under control and within those services, we can place controls about the type of data that's stored in them, who can access it, and what they're doing with it. We can create alerts for potential risks, and respond to those either automatically, or on a per-case basis.
These five components collectively comprise Microsoft's Enterprise Mobility and Security Suite, and we're going to dig into what each of these does.
- Authentication options with Azure AD
- Configuring Azure AD Connect for sync and authentication
- Securing remote access with the Azure Application Proxy
- Managing apps and devices with Intune
- Building and deploying a basic Intune policy for iOS or Android
- Protecting data beyond the firewall with Azure Information Protection (AIP)
- Configuring AIP classification labels and protection
- Integrating Exchange and SharePoint with AIP
- Managing risk with Advanced Threat Analytics
- Connecting Office 365 to Cloud App Security