Reviews (1-1 of 1)
July 06, 2019
Score 9 out of 10
We implement Microsoft EMS + Security at all of our clients who use Office 365, as well as internally. It provides advanced threat protection from malware, phishing and impersonation attacks, as well as includes an Azure AD Premium subscription for each user, so they are licensed for Azure AD services like Single Sign-On, which we use with just about any cloud service we can that supports Azure AD SSO via SAML. Lastly, we use the InTune subscription included for basic asset management and configuration policies for Windows 10 devices.
- Azure AD Single Sign-On -- this is my favorite feature of EMS + Security. It is easy to setup and MS has simple instructions for most popular cloud services.
- InTune -- the changeover from the old InTune Client/Silverlight Portal has been painful, but once you get Win10 devices setup with InTune, management is a breeze.
- InTune deployment via Hybrid Azure AD. The instructions seem very simple but there are lots of little areas you can get tripped up and there is little logging to see where you've gone wrong.
- Advanced Threat Protection anti-impersonation. It is WAY too sensitive. Users emailing themselves from personal accounts get their mail sent to quarantine just because the name/label of the personal account matches their Office 365 mailbox name/label? HUH???
- Licensing. Typical of Microsoft, what you're actually getting and details of licensing are confusing.
Read Patrick Plaisance's full review
Any organization that is running Office 365 for email should have EMS licenses. The benefits are manifold compared to the reasonable cost. Truthfully, I think a lot of the features should be part of an O365 Business Premium license, but since the EMS license is a drop in the bucket, it's hard to complain.
Microsoft Enterprise Mobility + Security Scorecard Summary
About Microsoft Enterprise Mobility + Security
Microsoft Enterprise Mobility + Security is a suite of applications supporting mobile device and application security, MDM, as well as conditional or privileged access with multi-factor authentication, and advanced security reporting. Products in the suite includes Microsoft Intune mobile device management, Azure Information Protection, Microsoft Identity Manager, Microsoft Cloud App Security, Azure Active Directory, and other ancillary applications.
Microsoft Enterprise Mobility + Security Technical Details