Microsoft 365

Microsoft 365

What is Microsoft 365?

Well don’t look for a new Microsoft product, it is not. It is basically the name Microsoft gave for the combination of the use of: Office 365 ProPlus, Windows 10 and Enterprise Mobility + Security (EMS).

Actually these days you will probably see the terms “Microsoft 365 powered device”, that refers to the proper PC. You may also already use Microsoft 365 without knowing it! That was the case at IXIT since we are using these tools on our most recent computers.

The key feature in Microsoft 365 is EMS (Enterprise Mobility + Security). Because everybody knows quite enough about the Office tools & Windows 10 we will focus here mostly on EMS.

Enterprise Mobility + Security (EMS)

The whole EMS is huge & quite impressive, here we will give only a quick glance at it. You can find complete and detailed information about EMS from this page.

Today, work is made across multiple device (PC, mobiles, tablet) in different places with external network (more or less secured), and it affects the way IT is managed. Microsoft calls this “Modern IT”. In Modern IT the need to protect corporate resources, documents, and data is increasing.

Deployment

EMS provide an easy way to deploy and manage devices.

IT admin can configure cloud-powered deployments. These will allow automatic setup of devices: when the end user connects for the first time to his PC with his O365 credentials, based on the user data in the organization, Autopilot and Intune automatically configure Windows 10, by installing the programs defined for this user and apply the security policies (among others).

From an admin point of view, EMS is managed from the Azure portal, the most important features being Intune, Azure AD, and Privileged Identity Management, we won’t cover here all the features as there is quite a lot of them.

Intune allows to choose which applications have to be deployed, along with configuration settings, and possible PowerShell scripts to be executed on the end-user device, based on the user profile.

Always up to date

Microsoft’s idea is to keep windows 10 & Office 365 for a long time, do not expect to see soon any windows 11 or a new name version for Office. Even if we can consider it only as a modification in Microsoft name-policy, it is actually a deeper change. For instance license management will be a lot simpler.

The updates will be more frequent but won’t represent drastic changes. Microsoft plan to have 2 releases per year for both Windows & Office, and the release for both products will be aligned in time. Before that, usually organization only updated their system every 3-5 years.

If you manage update from Intune you can define groups of users and associate different update policies, you could have for instance the new version installed automatically when available only to a set of test users, then a global updated for most end-user a month later, and a final update a week after for the critical users.

Having up-to-date programs and an operative system with all security updates ensure you are more protected against vulnerability.

Security

From one side, the user will have all Windows 10 security features.
Windows 10 security

On the other side, we have EMS-enabled data protection like: security policies (Intune), data encryption, tracking and labeling based on policies (Azure Information Protection) and monitoring (cloud apps).
For instance, Intune enrollment enables policies that enforce, among other, device encryption, a six-digit PIN or password, inactivity timeout period, antivirus and malware protection, auto-updates, VPN or wifi settings, certificates installation, etc.

Another very common situation is when a user leaves the company or if a mobile device has been lost or stolen, from Intune you can remotely launch a full wipe to restores the device to its factory defaults or a selective wipe to remove only specific-company data.

Analytics

Advanced analytics in EMS will provide better insights, you will be able to

  • Identify and resolve applications compatibilities.
  • Monitor device health by identifying and remediating end-user issues.
  • Ensure compliance with timely reports for all your devices.

Conclusion

Obviously, the transition from classical IT to this new approach will be quite slow and substantial for the biggest companies but at the end it will be worth the effort.

Given that Windows 7 & Office 2010 are coming to an end (support ends in 2020) it may be a good opportunity to start looking deeper at Microsoft 365. If you need more information do not hesitate to contact us.

Next Post Previous Post