Users Devices Apps Data Users expect to be able to work in any location and have access to all their work resources. The explosion of devices is eroding the.
Download ReportTranscript Users Devices Apps Data Users expect to be able to work in any location and have access to all their work resources. The explosion of devices is eroding the.
Users Devices Apps Data Users expect to be able to work in any location and have access to all their work resources. The explosion of devices is eroding the standards-based approach to corporate IT. Deploying and managing applications across platforms is difficult. Users need to be productive while maintaining compliance and reducing risk. Enable your end users Allow users to work on the devices of their choice and provide consistent access to corporate resources. Unify your environment Users Devices Apps Data Deliver a unified application and device management onpremises and in the cloud. Protect your data Management. Access. Protection. Help protect corporate information and manage risk. Value Proposition: End user productivity, being able to work from anywhere, from any device Companies can manage their risk when dealing with different types of devices Single Sign On (SSO) experience on Workplace Joined devices Join Windows and iOS devices to the Workplace SSO across browser and enterprise applications Enable users to work from anywhere, adhering to IT risk management strategy IT can conditionally grant access to company applications Workplace joined devices provide a seamless second factor authentication Conditions include user, device and strength of authentication Audit logs capture the user and device information IT/ISV can author enterprise apps that deliver native experiences on devices and are integrated with AD for SSO and conditional access Access to company resources, from anywhere from any device Allow access from specific users, only when they are on-premises Allow access from specific users, when accessing from devices known to me All access to on-premises resources needs to be preauthenticated: only known users from known devices allowed Allow access from anywhere, from known devices. Require another additional factor on access Users join their device to their workplace, making the device known to the company’s Active Directory Users sign-in once to their company from any application and are not prompted for credentials by every company application when using workplace joined devices. Businesses enable users to work from anywhere while adhering to their IT governance policies around risk management Businesses require additional factors of authentication when business critical resources are accessed or when there is perceived risk Businesses set conditional access control to resources based on four core pivots: the user, the device used, the user’s network location and use of additional auth factors ISVs build enterprise apps that delivery SSO and allow enterprises to set the access control policies based on user, device and network location, and MFA Allow access from specific users, when accessing from devices they have workplace joined Active Directory Organizations can connect to SaaS applications running in Windows Azure, Office 365 and 3rd party providers Enhancements to ADFS include simplified deployment and management Organizations can federate with partners and other organizations for seamless access to shared resources Firewall Published applications Conditional access with multifactor authentication is provided on a per-application basis, leveraging user identity, device registration & network location Users can register their devices to gain access to corporate data and apps and single sign-on through device authentication 12 Associates the device with a user Provides a seamless second factor authentication Enables IT to conditionally restrict access only to workplace joined devices Enables a better end user experience with SSO Avoids risks involved in saving passwords with each application Avoids users having to repeatedly enter their credentials Enabled by device registration service in AD FS Not Joined to AD Workplace Joined Domain Joined Active Directory Limited access No IT Control Users can enroll devices for access to the Company Portal for easy access to corporate applications IT can publish Desktop Virtualization (VDI) for access to centralized resources Users can work from anywhere on their device with access to their corporate resources. IT can publish access to resources with the Web Application Proxy based on device awareness and the users identity Users can register devices for single sign-on and access to corporate data with Workplace Join IT can provide seamless corporate access with DirectAccess and automatic VPN connections. 15 ► Browser-based web applications (integrated with Windows authentication or using claims) ► Rich applications accessing RESTful services ► ► ► ► Pre-authentication Access based on user, known device, location and MFA Account soft-lockout ► Access to corporate resources from inside and outside the corporate network Access to corporate resources from any device ► ► ► User needs to provide credentials just once SSO across browser based web apps including Office SSO across rich applications WCA-B214 Windows Server Work Folders overview – my corporate data on all my devices WCA-B332 Windows Server Work Folders – a deep dive into the new Windows Server data sync solution WCA-B333 Enable work from anywhere without losing sleep: remote access with the Web Application Proxy and VPN solutions WCA-B334 Secure anywhere access to corporate resources such as Windows Server Work Folders using ADFS http://channel9.msdn.com/Events/TechEd www.microsoft.com/learning http://microsoft.com/technet http://microsoft.com/msdn