Microsoft is always developing new and innovative technologies to make every day business easier and safer. The Enterprise Mobility Suite (EMS) is a Cloud-based solution designed to address BYOD, SaaS, and other challenges businesses face. Recently, Microsoft has made announcements of new security capabilities in EMS. These announcements include new innovations in data loss prevention, telemetry, threat detection, and more.
Today’s security threats are continuing to grow and evolve, creating a “threat-scape” among business environments. The threat scape has quickly grown from unsophisticated script kiddie attacks to organized cybercrime against nations by terrorist groups and malicious attackers with intent to steal financial, corporate, and sensitive data.
Organizations need to protect themselves from these threats which is proving to be more difficult as threats evolve. We are reaching the point where the effort put into attacks expands beyond the boundaries of typical security perimeters. Considering the vast amount of organizations storing information in the Cloud and how many mobile devices access it, it is easy to see how quickly a Cloud-based security perimeter can be thinned and erased completely.
The combination of Office 365 and EMS is the market’s primary mobile productivity solution. The changes that Microsoft recently made involving EMS include offering tighter security measures to enterprises for the protection of their corporate data. These security advancements are a huge step forward because enterprises will now be able to ensure that corporate documents and information are safer and more secure no matter what device they are accessed from.
These security measures are a response to customers wanting to be able to focus on protecting corporate apps and data without taking full control of mobile devices. While some enterprises may want to manage data at both the mobile device and application layer, others may only wish to manage either just the apps or just the data. Many enterprises may want to do both in their BYOD environment. The following presents the latest security features to hit EMS.
Telemetry data is new to EMS where enterprise businesses can see where a document was viewed or edited by who and when. Telemetry data also displays failed rights management sharing attempts when someone tries to open a document. As part of the capability, you can see how many times someone tries to open a document and how many times the document has been used. As an even deeper dive, you can see locations on a map of where people are accessing a certain document. Azure AD also offers telemetry data and can report access and activities.
With this capability you’ll be able to see where someone has logged into multiple locations with different time stamps.
Data loss prevention
As another area of security Microsoft has focused on for EMS, new data loss prevention policies have been developed. These policies can help prevent documents being saved to a non-approved location such as a personal Cloud storage application. These policies also apply rules on access to data from personal accounts and corporate accounts. This helps businesses enforce data usage restriction to business use only rather than personal use. These policies were designed to help prevent data leakage and spillage into unauthorized locations and uses.
As another added security feature, Microsoft has a feature built in that prevents the contents of a corporate owned document from being copied and pasted into non-corporate email addresses. This technology understands the difference between business and personal content and will prompt the user to share corporate information only within the approved corporate network. This feature won’t however; prevent someone from forwarding an email to themselves to an external email from within their corporate email.
This also won’t prevent someone from taking a photo of the document while on screen and distributing it. This type of technology doesn’t currently exist. This feature is more designed to protect employees with good intentions from making bad judgement calls or mistakes.
Advanced Threat Analytics (ATA)
This feature is also new to EMS which involves a system machine learning how to detect abnormal behavior and potential security threats. Anything that deviates from normal conditions will flag an alert. If a user account is accessing resources and areas it shouldn’t have any reason to be in, it will be logged. This technology teeters on the edge of a form of artificial intelligence where the machine can learn what activity usually transcends and will spot unusual behavior.
ATA offers a quick and easy way to find out what is going on within a network by identifying strange and unusual behavior from suspicious activity by users and devices with a built in intelligence that identifies threats. This technology uses information from other sources such as Security Information, AD, and Event Management to help create an Organizational Security Graph and identify advanced attacks in as close to real time as possible.
In addition to these new security capabilities, Microsoft is also enabling Mobility Suite users to open RMS protected documents on an Android or iOS based device.
Interested in learning more about Microsoft’s Enterprise Mobility Suite and how it can help your organization? Contact us today.