Microsoft Enterprise Mobility + Security (EMS)

Written by Shawn Lyles

January 13, 2017

Microsoft Enterprise Mobility + Security (EMS)

With EMS Microsoft continue to build on identity at the core of the solution to maximize staff productivity while at the same time providing the necessary capabilities across security, Azure-Active-Directory-Connect-User-Sign-inmanagement of devices and apps, and information protection to ensure that critical data is protected. From now Microsoft are expanding these capabilities even further with:

  • Pass-through authentication with Azure Active Directory, available in preview, enables secure single sign-on to cloud resources without requiring syncing of passwords to the cloud, or modification to existing on-premises network infrastructure.
  • Microsoft Intune’s new Admin Console in Azure, rolling out in preview, makes setting up integrated security and management scenarios across EMS services even easier.
  • Azure Information Protection updatesthat provide even greater flexibility and security for protecting data at the file level.  These updates include support for more file types, integration with your on-premises encryption key network, and new options for creating classification and protection policies.

Here’s more on these new capabilities and how you will benefit from these innovations:

Pass-through authentication with Azure Active Directory

Pass-through authentication now in preview, lets users securely login to cloud resources by validating their password against their on-premises Active Directory more easily than ever. This feature allows customers that cannot or do not want to store passwords in the cloud (even encrypted ones) to onboard Azure Active Directory and Office 365 without having to modify their corporate network infrastructure and install products such as Active Directory Federation Services (AD FS) or similar third party federation solutions. Pass-through authentication is set up via the Azure AD Connect admin experience as the second option for authentication along with Password Sync and AD FS.

Additionally, with this new update, both “Pass-through authentication” and “Password Synchronization” authentication options will now provide seamless single sign-on to Azure AD connected applications from Windows devices.

Preview of Microsoft Intune Admin Console in Azure

The new Intune admin experience on Azure begins rolling out in public preview for new and test tenants. The new console, built in Azure, provides powerful and integrated management of core EMS security solutions, such as conditional access to corporate resources based on device, users or risk, allowing for set up and management of policies between Intune and Azure Active Directory. This new admin experience makes it easier than ever to protect tens of thousands of mobile devices.

Azure Information Protection updates

Protecting data at the file level throughout its lifecycle, from creation to sharing to tracking and revocation, regardless of where it is stored or accessed, is a key priority for our customers and a unique part of the EMS solution. Since the release of Azure Information Protection in October Microsoft have been listening to customer feedback and are releasing several new capabilities.  An example of this – AIP gives end users more focused classification and protection options with policies based on group membership.

If you find this helpful and would like more information, email me on

Thank you.


You May Also Like…

You May Also Like…


Translate »
Share This