Pluralsight

From Max's Wiki
Revision as of 20:10, 20 December 2017 by Max (talk | contribs)
Jump to navigation Jump to search

Getting Started with EMS

What is it?

  • Azure AD
    • SSO and identity platform for cloud and on-premises apps
  • Microsoft Intune
    • Cloud-based mobile device management platform
  • Azure Rights Management
    • Encryption and authorization polices for corporate data

Why do you care?

  • Provides users with SSO with self service password reset and MFA
  • Manage all user devices from a single pane using MDM and MAM solutions
  • Protect corporate data outside your organization through encryption, authorization and identity policies

Benefits of EMS

  • Short Term
    • Authentication for mobile workforce. Data leakage. Ability to scale up and down dramatically.
  • Long Term
    • Lower TCO (Total Cost of Ownership). Walled garden security approach. SSO.

In Short

  • Rise of Cloud Computing
  • BYOD!
  • Security Gaps
  • Microsoft Enterprise Mobility Suite

What's Included with Microsoft Azure AD Premium?

Single Identity with write-back integration to on-premises AD

  • Self-service password reset
    • Including on-premises users
  • Branding (Outlook on the web)
  • Multi-factor authentication
    • Including on-premises users
  • SSO for SaaS applications
  • Azure AD Application Proxy
  • Compliance reporting and auditing
  • Dynamic Groups

Self-service password reset

  • Azure AD -> DMZ -> On-premises (AADConnect and AD DS)

Branding (Outlook on the web)

  • Self-explanatory
    • Change login picture upon login, and add custom text to bottom of page

Multi-factor authentication

  • Second layer of security
  • Something you know, have or are
  • Various methods available
    • Phone call
    • SMS
    • Mobile app notification
    • Mobile app verification
    • OATH tokens

SSO for SaaS applications

  • Company application (Facebook/Twitter) is managed through SaaS, and can be reset using user's AD SSO

Azure AD Application Proxy

  • Securely publish on-premises applications to the cloud
  • Remote Access as a Service
  • Uses a connector installed on-premises
  • Incoming web traffic hits Azure AD

Compliance reporting and auditing

  • Reports anomalous activity and more

Dynamic Groups

  • Auto add users to different groups/memberships (I.E. Auto-add to Marketing/Sales)

Securing Devices Using Microsoft Intune

  • MDM
  • Application Deployment
    • Store/Developed
  • Wi-Fi * VPN Profiles
  • Conditional Access
  • Microsoft Mobile Application Management

Taking a closer look into Intune

Retrieved from "http://manaiakalani.info/wiki/index.php?title=Pluralsight&oldid=9999"