This vacation ownership club had an objective to harden user and data security. The client understood that their many kiosk systems and mobile workforce could be subject to accidental or malicious data breaches.

ActiveIdM used the M365 technology stack to meet the client’s challenges and bring this Enterprise Mobility Suite success story to life.

• Utilize client investment funding from Microsoft to assist with design and implementation costs
• Demonstrate Azure Multi-Factor Authentication (MFA) in various scenarios:
  • Conditional access policies
  • Hybrid-join and trusted locations
  • Device and session controls
  • Mobile device enrollment
  • Risk-based conditional access
• Demonstrate Azure Information Protection (AIP) including
  • Classification labels
  • Protection and encryption
  • Automatic labeling and protection
  • Microsoft Cloud App Security (MCAS) file policies for AIP labels
• Implement Intune profiles for mobile devices and Windows 10 endpoints
• Review Advanced Threat Protection capabilities

ActiveIdM approached this client understanding that legacy systems and custom developed solutions needed to have line of sight in our designs.  Leveraging Azure Active Directory, Azure Multi-Factor Authentication (MFA), and Enterprise Mobility Suite (EMS) offerings, ActiveIdM helped lay foundational identity and security principals that benefited legacy onprem and cloud integration.

Hybrid joined devices, trusted locations, and device environment policies provided endpoint management security hardening.

Azure Information Protection P2 workloads provided the necessary automation for AIP Scanner capabilities to support data at rest on-premise, while Microsoft Cloud App Security (MCAS) provided stronger controls for data in transit via file and activity policies.

The customer is better positioned to take the next step for full Identity, Security, and Access Management automation.