Home > Store

Enterprise Mobility Suite Managing BYOD and Company-Owned Devices

Enterprise Mobility Suite Managing BYOD and Company-Owned Devices

eBook (Watermarked)

  • Your Price: $15.99
  • List Price: $19.99
  • Includes EPUB, MOBI, and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    MOBI MOBI The eBook format compatible with the Amazon Kindle and Amazon Kindle applications.

    Adobe Reader PDF The popular standard, used most often with the free Adobe® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

Also available in other formats.

Register your product to gain access to bonus material or receive a coupon.


  • Copyright 2015
  • Dimensions: 7-3/8" x 9"
  • Edition: 1st
  • eBook (Watermarked)
  • ISBN-10: 0-7356-9842-2
  • ISBN-13: 978-0-7356-9842-0

Manage all the mobile devices your workforce relies on
Learn how to use Microsoft’s breakthrough Enterprise Mobility Suite to help securely manage all your BYOD and company-owned mobile devices: Windows, iOS, and Android. Two of the leading mobile device management experts at Microsoft show you how to systematically help protect employee privacy and corporate assets without compromising productivity. You’ll find best practices, step-by-step guidance, and real-world scenarios for every stage of planning, design, deployment, and administration.

Empower your mobile users while improving security and controlling costs

  • Master proven best practices for centrally managing smartphones and tablets
  • Plan mobile strategies that encompass users, devices, apps, and data
  • Overcome BYOD’s unique challenges, constraints, and compliance issues
  • Provide common “hybrid” user identities and a seamless experience across all resources: on-premises, datacenter, and cloud
  • Simplify and improve device enrollment, monitoring, and troubleshooting
  • Help safeguard both corporate and personal information

Sample Content

Table of Contents

Introduction     xiii
Chapter 1: Enabling a mobile workforce     1

The shift towards mobility     1
The challenges of enabling enterprise mobility     2
What about BYOD?     4
Understanding the challenges of BYOD     5
Understanding the Microsoft Device Strategy Framework     7
Designing a strategy to enable a mobile workforce     9
Users     9
Devices     10
Apps     12
Data     13
Threat mitigation     14
Chapter 2: Introducing the Enterprise Mobility Suite     17
Understanding the EMS solution     17
Establishing a hybrid identity     18
Managing mobile devices     20
Protecting data     21
EMS activation process     23
Embracing a mobile workforce scenario     24
Chapter 3: Hybrid identity     27
Cloud identity with Azure AD Premium     27
Azure AD Premium advanced security reports and alerts     28
Azure Multi-Factor Authentication     30
User self-service from the Azure Access Panel     32
Understanding directory integration     35
Source of authority     36
Directory synchronization     36
Active Directory Federation Services     38
Directory integration scenarios     39
Directory sync     40
Directory sync with password sync     40
Directory sync with SSO     40
Multiforest directory sync with SSO     41
Directory synchronization tools     41
Azure Active Directory Synchronization Tool     41
Azure Active Directory Synchronization Services      43
Azure AD Connect      45
Chapter 4: Implementing hybrid identity     49
Scenario description     49
Implementation goals     49
Solution diagram     50
Planning and designing the solution     51
Microsoft Azure planning and design considerations     51
On-premises planning and design considerations     53
Single Sign-On components and considerations     54
Implementing the hybrid identity solution     60
Prepare the Azure AD service for directory integration     60
Prepare the on-premises environment for directory integration     61
Enable Single Sign-On     64
Customize branding     70
Chapter 5: Device management     75
Preparing for device enrollment     76
Mobile Device Management authority     76
Device management prerequisites     78
Device enrollment profiles     80
The Company Portal      80
Customizing the Company Portal     81
Custom company terms and conditions     83
Deploying policies     83
Configuration policies     84
Compliance policies     88
Conditional access policies      88
Exchange ActiveSync policies     90
Policy conflicts     90
Managing inventory     91
Computer inventory     91
Mobile device inventory     91
Performing full and selective wipes     92
Selective device wipes     93
Full device wipes     93
Chapter 6: Implementing device management     95
Scenario description     95
Implementation goals     96
Solution diagram     96
Planning and designing the solution     97
Microsoft Intune service configuration considerations     97
Policies     100
Mobile Device Management enrollment considerations     102
Implementing device management     105
Prepare the Microsoft Intune service for device enrollment     105
Satisfy external device enrollment dependencies      112
Enrolling devices     114
Enrolling iOS devices     114
Enrolling Android devices     117
Enrolling Windows devices     120
Chapter 7: Data access and protection     127
Leveraging on-premises resources      127
Windows Server Dynamic Access Control     128
Web Application Proxy     130
Protecting data at rest at the user device location using work folders     131
Azure RMS     135
How Azure RMS works     137
Choosing the right deployment topology     141
Azure RMS connector     143
Monitoring access to resources      145
Chapter 8: Implementing data protection     149
Scenario description     149
Implementation goals     149
Solution diagram     149
Planning and designing the solution     151
Leveraging Azure RMS      151
Preparing the environment     151
Implementing the solution     153
Configuring Azure RMS templates     153
Azure RMS connector     159
Chapter 9: Monitoring BYOD and company-owned devices     169
Continuous monitoring and incident response     169
Creating an incident response plan     170
Leveraging EMS to monitor resources     171
Azure AD monitoring capabilities     172
Microsoft Intune monitoring capabilities     175
Microsoft Azure RMS monitoring capabilities     179
Leveraging EMS to respond to a security incident     180
Scenario     181
Chapter 10: Troubleshooting Enterprise Mobility Suite     187
Troubleshooting methodology     187
Knowing where to find information     190
Using troubleshooting tools     190
Troubleshooting EMS cloud services     191
Troubleshooting Azure AD Premium     191
Troubleshooting Microsoft Intune     194
Troubleshooting Azure Rights Management Services     199
Index     205


Submit Errata

More Information

Unlimited one-month access with your purchase
Free Safari Membership