The Schwartz Report

Blog archive

Microsoft Begins Rollout of Integrated EMS Console

Microsoft's Enterprise Mobility + Security (EMS) service is getting a facelift. A unified EMS console will roll out in the coming months to customers with Microsoft's cloud-based platform for enrolling, configuring and securing devices and services including Office 365.

The upgrade comes as Microsoft is making an aggressive push to accelerate growth of its combined enterprise mobile device management and identity management-as-a-service offerings, announced less than three years ago, as a bundle of Intune for device configuration and management, Azure Active Directory Premium and Azure Information Protection (aka Azure Rights Management). 

More than 41,000 organizations have paid subscriptions to Microsoft's EMS with 4,000 signing up in the last quarter, according to a tweet by Corporate VP for Mobility Management Brad Anderson. Paid seats last quarter grew 135 percent, his tweet added.

The new EMS console will provide one common system for mobile device management and user policies, Anderson underscored in a blog post late last month, announcing the planned rollout. "This means that you no longer have to go to one console to set identity policies, and then another console to set device/app policies. It's all together," Anderson noted.

Customers will be advised when their existing EMS tenants will change, which Anderson said should be complete over the next several months. The new EMS console will be part of a Web-based portal that won't be dependent on the currently used Silverlight-based approach. Any new subscribers and those signing up for trials will automatically have access to the new EMS Console, and existing customers can sign up for free trials if they want access to it right away.

"What we are delivering with this new EMS console is an integrated administrative experience that makes the end-to-end scenarios we've enabled far simpler, much more powerful, and even more flexible," Anderson noted. In an example of what the integrated administrative experience offers, Anderson's post described how admins can set conditional access policies.

"Conditional Access enables IT to define the rules under which they will allow access to corporate data -- which EMS then enforces in real time," Anderson explained. "With an integrated EMS console, we can now bring together all the different areas where IT wants to define risk polices that govern access -- this allows you to define a complete and comprehensive set of rules."

The EMS console lets IT managers define their own risk policies and set rules for access, such as whether or not certain log-in attempts should be deemed suspicious whether a device meets an organization's mobile device management (MDM) policies. "We will now evaluate in real time the risk in each of those areas and only grant access to a service/application if the risk is within the constraints you define," he noted.

In addition to managing devices with the EMS console, EMS customers can apply policies to more than 3,000 SaaS third-party offerings, as well as applications running on premises.

Posted by Jeffrey Schwartz on 02/10/2017 at 12:33 PM


comments powered by Disqus

Subscribe on YouTube