What Do I Get With Enterprise Mobility + Security E5?

Microsoft has a large selection of Office 365 subscriptions, but unless you understand these services how do you make an educated decision on which subscription to purchase?

Security seems to be on everyone’s mind these days after recently publicized breaches so let’s look at a mobility and security offering from Microsoft. In this post we’ll look at Microsoft’s Office 365 Enterprise Mobility + Security E5 subscription (EMS E5) and explain the services that are included.

Microsoft takes a layered approach to security. As such they offer a plethora of features in their EMS subscriptions. When I was preparing for this blog post I was a bit overwhelmed by the features of EMS E5, but if you look at them in a grouping of services (Identity, Endpoint, Information Protection, Cloud Security and Advanced Threat Protection), the task of learning what each service represents doesn’t seem as formidable. Let’s look at what’s included in EMS E5.

List of services included with Office 365 EMS E5:

Azure Active Directory Premium P2 – In addition to the Free and P1 features, P2 also offers Azure Active Directory Identity Protection to help provide risk-based Conditional Access to your apps and critical company data and Privileged Identity Management to help discover, restrict, and monitor administrators and their access to resources and to provide just-in-time access when needed.

Microsoft Intune – Microsoft Intune is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM). You control how your organization’s devices are used, including mobile phones, tablets, and laptops. You can also configure specific policies to control applications.

Advanced Threat Analytics – (ATA) is an on-premises platform that helps protect your enterprise from multiple types of advanced targeted cyber attacks and insider threats.

Azure Rights Management – Azure RMS helps to protect files and emails across multiple devices, including phones, tablets, and PCs by using encryption, identity, and authorization policies.

Windows Server CAL rights – This license does include Windows Server CALs, but you will still need to purchase the actual server licenses. 

Azure Information Protection P2 – Azure Information Protection (AIP) is a cloud-based solution that enables organizations to discover, classify, and protect documents and emails by applying labels to content.

Microsoft Cloud App Security – Microsoft Cloud App Security is a Cloud Access Security Broker (CASB) that operates on multiple clouds. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your cloud services.

Azure Active Directory [AD] Identity Protection (as a feature of AADP P2) –  Identity Protection is a tool that allows organizations to accomplish three key tasks; Automate the detection and remediation of identity-based risks, Investigate risks using data in the portal and Export risk detection data to third-party utilities for further analysis.

Azure Defender for Identity –  Microsoft Defender for Identity (formerly Azure Advanced Threat Protection, also known as Azure ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

Azure AD Privileged Identity Management (as a feature of AADP P2) – Privileged Identity Management (PIM) is a service in Azure Active Directory (Azure AD) that enables you to manage, control, and monitor access to important resources in your organization. These resources include resources in Azure AD, Azure, and other Microsoft Online Services such as Microsoft 365 or Microsoft Intune.

References: 

https://bit.ly/3m6VTSn
https://bit.ly/3cyp91b
https://bit.ly/3m3JH4W
https://bit.ly/2O4aJfT
https://bit.ly/3unkNA0
https://bit.ly/3utyXjf
https://bit.ly/3fLThIq
https://bit.ly/3cXhgTs
https://bit.ly/3rXPyKp