TagMicrosoft Intune

S for Security in EMS – Microsoft Intune

So this is the third post in my blog post series “S for Security in EMS” and I will try to cover some Microsoft Intune benefits and quick-wins meaning how to quickly get started with Intune and to gain some benefits right the way. 

First, what is Microsoft Intune?  

Microsoft Intune is an cloud based mobile device manager, this does not mean that MS Intune only can be used for 

Celular phones and tablets. All devices can be enrolled into Intune and by requireing this of your users we can start protecting business data with other tool-sets like Conditional Access, Information Protection and so on. 

When users enroll their devices into intune (that can be Windows, macOS, Android or iOS) the device goes through an “Compliance policy” that you have configured to “measure” the device and stamp it as compliant or non-compliant based on evaluations against the the compliance policy.  

Image result for microsoft intune compliance

So why is Intune so important for the Security part within the EMS Suite? Well! When your device is added to Intune and gone through the Compliance policy marking the device as an Compliant device we can use that status with for example Conditional access to deside on what services a user can access based on compliant device or not.  

Furter on we can with the MDM deploy software like Antivirus/Antimalware (if you don`t use Microsoft Defender ATP :)), deploy Windows 10 security baselines where you can controll several services within Window 10 (https://docs.microsoft.com/en-us/intune/protect/security-baseline-settings-mdm-all?pivots=mdm-may-2019).  

And the last but not least, you have an inventory of devices that can access your enterprise data and applications! Thats a big value to have in your pocket! 🙂 

S for Security in EMS – Overview
Part 1 – S for Security in EMS – Azure AD Premium
Part 2 – S for Security in EMS – Information Protection
Part 3 – S for Security in EMS – Microsoft Intune
Part 4 – S for Security in EMS – Advanced Threat Analytics
Part 5 – S for Security in EMS – Cloud App Security

S for Security in EMS

Since Enterprise Mobility + Security (EMS) is a core component of Microsoft 365 services you need to understand what services is present within the EMS package. In the same way that Microsoft 365 services comes with a E3 or E5 service level does EMS also that. I will try to give a easy and understandable overview of all the core components of EMS within the next 5 blog posts.

We will dig into all the main topics that you se in the table below.

In the table below you will see the difference between the EMS E3 and EMS E5

Service EMS E3 EMS E5
Azure AD Premium P1 P2
Azure Information Protection P1 P2
Microsoft Advanced Threat Analytics Incl. Incl.
Microsoft Intune Incl. Incl.
Cload App Security   Incl.

By now you probably trying to figure out on some questions;

Do I need EMS in my organisation?

Witch EMS subsctiption do I need?

Should we move to Microsoft 365 subscriptions?

The short answered for this is; Yes, depends and maybe. Not much of an answer but if you stay put on the next few blog posts, I will walk through the services on what it does and what it can be used for to make it a little easier to choose the right licenses for your organisation.

Part 1 – S for Security in EMS – Azure AD Premium
Part 2 – S for Security in EMS – Information Protection
Part 3 – S for Security in EMS – Microsoft Intune
Part 4 – S for Security in EMS – Advanced Threat Analytics
Part 5 – S for Security in EMS – Cloud App Security

© 2020 IdefixWiki

Theme by Anders NorénUp ↑