Microsoft Beefs Up Cloud Identity Services as Part of Mobile Push
As part of launching an Enterprise Mobility Suite, Microsoft announced that Azure Active Directory Premium was set to hit General Availability. Microsoft Azure Active Directory Premium extends the free identity management and single sign-on service with additional group-management capabilities, rebranding options, security analytics, and more.
The Microsoft Enterprise Mobility Suite (EMS) – which is a packing of existing services versus an entirely new product – was introduced by new Microsoft CEO Satya Nadella at an event last week and explained further in a blog post by Microsoft VP Brad Anderson. Anderson points out that the EMS addresses three key areas: mobile device management delivered via Microsoft Intune, data protection courtesy of Microsoft Azure Active Directory Rights Management Services, and identity management provided by Microsoft Azure Active Directory (AD) Premium.
Today, Microsoft Azure AD delivers a cloud-hosted user repository that can synchronize with on-premises directories and provide single sign-on with SaaS applications. These applications could be custom built, or chosen from a growing gallery that includes Wordpress, Box, Salesforce.com, Marketo, and of course, Office 365. In April, Azure AD Premium becomes generally available and adds a host of features to the base service. AD Premium adds self-service password reset (with synchronization back to on-premises directories), self-service group management, per-user multi-factor authentication settings, customized branding, and nine new security reports. Buyers can activate AD Premium through their Microsoft Enterprise Agreement or via the free preview that’s currently underway.
Ben Kepes of Forbes took a look at this announcement and described how the combination of Intune, Right Management, and Azure AD Premium offer a complete story.
Using all three of these solutions, organizations can set up single sign on, so that users can seamlessly sign on to all of the different applications they need to use. Corporate IT can manage the different mobile devices that employees use, and control the access to data across those devices. Enterprises can set up a corporate App Store to deliver end user applications to employees. And the data being transmitted between devices can be secured via encryption.
Kepes talked to Microsoft’s Brad Anderson and found it compelling that EMS was from a single vendor, offered at a single per-user (not device) price, and tightly integrated with the world’s most popular identity management platform, Active Directory. Kepes sees organizations trying to “balance control with usability” where they offer self service simplicity, but with the required data protection and governance. Anderson believes that Microsoft has to give customers the flexibility to apply corporate policies in a variety of situations, and that tools like Azure AD Premium offer such a solution.