You are previewing Enterprise Mobility Suite Managing BYOD and Company-Owned Devices.
O'Reilly logo
Enterprise Mobility Suite Managing BYOD and Company-Owned Devices

Book Description

Manage all the mobile devices your workforce relies on
Learn how to use Microsoft’s breakthrough Enterprise Mobility Suite to help securely manage all your BYOD and company-owned mobile devices: Windows, iOS, and Android. Two of the leading mobile device management experts at Microsoft show you how to systematically help protect employee privacy and corporate assets without compromising productivity. You’ll find best practices, step-by-step guidance, and real-world scenarios for every stage of planning, design, deployment, and administration.

Empower your mobile users while improving security and controlling costs

  • Master proven best practices for centrally managing smartphones and tablets

  • Plan mobile strategies that encompass users, devices, apps, and data

  • Overcome BYOD’s unique challenges, constraints, and compliance issues

  • Provide common “hybrid” user identities and a seamless experience across all resources: on-premises, datacenter, and cloud

  • Simplify and improve device enrollment, monitoring, and troubleshooting

  • Help safeguard both corporate and personal information

  • Table of Contents

    1. Title Page
    2. Copyright Page
    3. Contents at a glance
    4. Contents
    5. Foreword
    6. Introduction
      1. Acknowledgments
      2. Free ebooks from Microsoft Press
      3. Microsoft Virtual Academy
      4. Errata, updates, & book support
      5. We want to hear from you
      6. Stay in touch
    7. Chapter 1. Enabling a mobile workforce
      1. The shift towards mobility
      2. The challenges of enabling enterprise mobility
      3. What about BYOD?
        1. Understanding the challenges of BYOD
        2. Understanding the Microsoft Device Strategy Framework
      4. Designing a strategy to enable a mobile workforce
        1. Users
        2. Devices
        3. Apps
        4. Data
        5. Threat mitigation
    8. Chapter 2. Introducing the Enterprise Mobility Suite
      1. Understanding the EMS solution
        1. Establishing a hybrid identity
        2. Managing mobile devices
        3. Protecting data
      2. EMS activation process
      3. Embracing a mobile workforce scenario
    9. Chapter 3. Hybrid identity
      1. Cloud identity with Azure AD Premium
        1. Azure AD Premium advanced security reports and alerts
        2. Azure Multi-Factor Authentication
        3. User self-service from the Azure Access Panel
      2. Understanding directory integration
        1. Source of authority
        2. Directory synchronization
        3. Active Directory Federation Services
      3. Directory integration scenarios
        1. Directory sync
        2. Directory sync with password sync
        3. Directory sync with SSO
        4. Multiforest directory sync with SSO
      4. Directory synchronization tools
        1. Azure Active Directory Synchronization Tool
        2. Azure Active Directory Synchronization Services
        3. Azure AD Connect
    10. Chapter 4. Implementing hybrid identity
      1. Scenario description
        1. Implementation goals
        2. Solution diagram
      2. Planning and designing the solution
        1. Microsoft Azure planning and design considerations
        2. On-premises planning and design considerations
        3. Single Sign-On components and considerations
      3. Implementing the hybrid identity solution
        1. Prepare the Azure AD service for directory integration
        2. Prepare the on-premises environment for directory integration
        3. Enable Single Sign-On
        4. Customize branding
    11. Chapter 5. Device management
      1. Preparing for device enrollment
        1. Mobile Device Management authority
        2. Device management prerequisites
        3. Device enrollment profiles
        4. The Company Portal
        5. Customizing the Company Portal
        6. Custom company terms and conditions
      2. Deploying policies
        1. Configuration policies
        2. Compliance policies
        3. Conditional access policies
        4. Exchange ActiveSync policies
        5. Policy conflicts
      3. Managing inventory
        1. Computer inventory
        2. Mobile device inventory
      4. Performing full and selective wipes
        1. Selective device wipes
        2. Full device wipes
    12. Chapter 6. Implementing device management
      1. Scenario description
        1. Implementation goals
        2. Solution diagram
      2. Planning and designing the solution
        1. Microsoft Intune service configuration considerations
        2. Policies
        3. Mobile Device Management enrollment considerations
      3. Implementing device management
        1. Prepare the Microsoft Intune service for device enrollment
        2. Satisfy external device enrollment dependencies
      4. Enrolling devices
        1. Enrolling iOS devices
        2. Enrolling Android devices
        3. Enrolling Windows devices
    13. Chapter 7. Data access and protection
      1. Leveraging on-premises resources
        1. Windows Server Dynamic Access Control
        2. Web Application Proxy
        3. Protecting data at rest at the user device location using work folders
      2. Azure RMS
        1. How Azure RMS works
        2. Choosing the right deployment topology
        3. Azure RMS connector
        4. Monitoring access to resources
    14. Chapter 8. Implementing data protection
      1. Scenario description
        1. Implementation goals
        2. Solution diagram
      2. Planning and designing the solution
        1. Leveraging Azure RMS
        2. Preparing the environment
      3. Implementing the solution
        1. Configuring Azure RMS templates
        2. Azure RMS connector
    15. Chapter 9. Monitoring BYOD and company-owned devices
      1. Continuous monitoring and incident response
        1. Creating an incident response plan
      2. Leveraging EMS to monitor resources
        1. Azure AD monitoring capabilities
        2. Microsoft Intune monitoring capabilities
        3. Microsoft Azure RMS monitoring capabilities
      3. Leveraging EMS to respond to a security incident
        1. Scenario
    16. Chapter 10. Troubleshooting Enterprise Mobility Suite
      1. Troubleshooting methodology
        1. Knowing where to find information
        2. Using troubleshooting tools
      2. Troubleshooting EMS cloud services
        1. Troubleshooting Azure AD Premium
        2. Troubleshooting Microsoft Intune
        3. Troubleshooting Azure Rights Management Services
    17. Index
    18. Code Snippets