Microsoft’s strategy on identity management aimed squarely at cloud-based services
Microsoft’s technique for supplying customers with identity management options is more and more dependent on cloud-based ways of authentication and access control for provisioning of Home windows-based cellular devices in addition to Apple iOS and Android Os devices.
The newest example is Microsoft Enterprise Mobility Suite, including the kind of software-based “containers” for securing applications available in competing mobile application keeper from MobileIron, AirWatch (acquired by VMWare) yet others, states Kaira Anderson, corporate v . p . of Microsoft’s identity management solutions. But Microsoft really wants to differentiate with Enterprise Mobility Suite by mixing cloud-based authentication and provisioning too. Therefore the suite includes Microsoft Azure Active Directory Premium, with different cloud-based form of Active Directory, along with its Home windows Intune device management.
On the top of this, there’s Microsoft Azure Legal rights Management, that is essentially wherein IT managers can offer file encryption and put policy-based limitations associated with Microsoft ‘office’ applications for example Word, PowerPoint, and Stand out at work 365, Microsoft’s cloud service including a located form of Exchange e-mail. The Azure Legal rights Management component within the Enterprise Mobility Suite is going to be available this fall, states Anderson.
Microsoft launched Enterprise Mobility Suite in May and it is now licensing it at what’s known as a minimal cost reason for $4 per user monthly. Microsoft wants people to think about this a method to transition to cloud-based Active Directory for identity control over cellular devices particularly.
Active Directory being an on-premises server has continued to be the identity repository and linchpin in corporate use for many years for decisions around provisioning various services and applications. The newer cloud service Azure Active Directory Premium will probably be a method to provide identity management connected with third-party software-as-a-service (SaaS) applications. Using Enterprise Mobility Suite, Azure Active Directory Premium provides identity access abilities within the cloud for around 2,000 SaaS applications without getting to become configured, Anderson states.
He adds many occasions companies aren’t even conscious of the number of SaaS applications have been in use over the enterprise, so Microsoft also produced what’s known as Cloud Application Discovery like a utility to allow them discover what SaaS applications workers are using. “We discover most organizations are utilizing about 300 apps,” states Anderson.
The cloud-oriented Enterprise Mobility Suite is only the oncoming of Microsoft’s altering perspective on identity management, Anderson states. Once the identity and access management process moves in to the cloud, it may facilitate new kinds of security controls, he states. For example, security monitoring may use machine-learning within the cloud to look out for indications of suspicious occasions, for example whether someone authenticates within the U.S., however inside a narrow time-frame then attempts to authenticate through Russia. This is “a warning sign towards the administrator” and is blocked, he adds.
With the secure “container” in Enterprise Mobility Suite, which could separate out personal or business apps the worker use has, the IT administrator can remotely wipe content associated with business without disturbing the employee’s personal apps. This really is particularly useful within the “Take The Own Device” (BYOD) scenario that’s being more and more adopted by companies prepared to let employees us their personal cellular devices for work.
Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends associated with information security. Twitter: MessmerE. E-mail: [email protected]