Delegated Administration with Azure Active Directory Administrative Units

Office 365 comes with a set of admin roles that can be assigned to users within your organization. Each admin role maps to common business functions and gives your users permissions to do specific tasks in the Office 365 admin center and Windows PowerShell.
This is especially true for large organizations or universities with multiple brands or decentralized administration within a single Office 365 tenant, the default admin roles can cause headaches. While the delegation of permissions in Exchange Online works very well with Role Based Access Control (RBAC), other applications and services are hard to manage at a granular level. For example, license management or helpdesk for different countries, brands, and organizations. In these organizations, only a subset of administrative users are allowed to edit properties based on their region or brand.

Read more at the ENOW SOFTWARE BLOG

Microsoft Enterprise Mobility Suite (EMS) – Identity + Access Management (IAM)

The growth of mobile devices such as smartphones and tablets changed the world rapidly. Most notably business users store important information on their devices such as emails, certificates, pictures, corporate apps and applications, etc. Maintaining control over their applications across corporate datacenters and public cloud platforms has become a significant challenge. IAM helps organizations to reduce helpdesk costs with self-service and single-sign-on experiences.

EMS – Enterprise Mobility Suite was introduced in the end of 2014. There is no specific product for EMS, it’s a collection of services you can choose.

Currently EMS contains the following services:

–          Cloud Identity + Access Management: gives users self-service capabilities and single sign-on for any corporate resource for easier identity management – for cloud-only and hybrid identities.

–          Mobile Device + Application Management: mobile device management, such as MDM in Office 365 and Intune to manage and protect corporate data and apps on almost any device.

–          Information Protection: information security management across on-premises environment and cloud applications while protecting corporate data inside and outside of the organization.

–          Desktop Virtualization: a scalable platform to deliver corporate applications simply and cost effectively – everywhere.

Continue reading “Microsoft Enterprise Mobility Suite (EMS) – Identity + Access Management (IAM)”