Pros and Cons of Microsoft's Enterprise Mobility + Security (EMS)
Every once in a while a new technology comes around that gets us particularly excited. iCorps vets up-and-coming solutions on a weekly basis and many don't pass our strict standards - after all, if we're recommending a solution to our clients, it better be top-notch, practical for businesses of all sizes, and manageable. When Enterprise Mobility Suite (now Enterprise Mobility + Security) was introduced by Microsoft a couple of years ago to help businesses manage their mobile and on-premises devices, we paid attention. Now, with the cyber landscape getting darker by the day, businesses are paying attention too. As a Microsoft partner that's deployed EMS for many companies in the past year including our own, we can speak to the validity of this suite of services.
The Pros of Microsoft Enterprise Mobility + Security:
Pro - Manage Devices and Patches with InTune
How do you balance allowing employees to use their personal devices without risking intrusion on their privacy while protecting company data at the same time? With Intune - a tool within the EMS suite that allows businesses to manage all their devices at the application level across on-premises and/or cloud environments. Organizations can provide and manage access to mobile business apps and Office 365 data while helping prevent data leaks. Intune also enables organizations to patch their systems and applications in a timely manner to avoid vulnerabilities.
Pro - Manage User Identities to Protect Business-Critical Data
Over 60% of attacks stem from compromised user credentials. Protecting user identities is at the foundation of how organizations should secure and manage their users, devices, apps, and data. EMS takes a comprehensive approach to protecting identities as well as the applications and data being accessed by employees. EMS allows organizations to safeguard their resources with features such as conditional access, allowing or disallowing access to applications and resources, or multi-factor authentication which requires employees to sign on using a password in addition to a secondary layer of verification.
Pro - Cyberthreat Intelligence with Advanced Threat Analytics
Imagine that a burglar enters your home while you're running errands, sets up a hidden camera, and watches your whereabouts all the while plotting to steal your valuable belongings the moment you go on vacation? What if you had known? Cyber attackers have access to networks for a median of 146 days before being discovered. Microsoft's Advanced Threat Analytics leverages machine learning and behavioral analytics to detect, investigate and prioritize advanced attacks in real-time. Once suspicious activity is detected, Microsoft's intuitive attack timeline gives organizations the "who, what, when, and how" as well as recommended next steps so they can act fast.
Con - Does Not Support Location Services
One shortcoming of Intune, a service within the EMS suite, is its lack of location services. Many mobile device management (MDM) solutions in the market allow an organization to track where their devices are and have gone, through GPS technology, at any given point in time. While location services can be useful or necessary for certain organizations (i.e. those using devices for ship tracking), others may not find this to be a necessary feature in their MDM solution. End users might also find location services to be intrusive and raise privacy flags if their organization can track where they are at all times they have their device on them.
Con - Expertise Required to Deploy Successfully
This is only a con for anyone looking for a quick fix. We'd argue that any solution that provides defense-in-depth services is going to require a multi-layered approach and some work on the front end to ensure you're implementing the pieces that make the most sense for your organization. Because EMS has several services with a host of different technical features that can be deployed, we recommend partnering with a Microsoft partner that has experience implementing the solution. A dedicated partner will ensure that you are deploying the services that are necessary for your business, your IT environment, and your users. Reach out for your free business consultation.