Conditional Access can ensure employees are accessing their email, documents, and apps from company authorized devices only. Access will be prevented to any Office 365 services unless the device has been approved.
Azure Domain Join Devices
MWS powered by Windows 10, provides automatic and universal enforcement of security policies that will reduce your business’s risk of data breaches. By Azure Domain Joining Windows, IOS and Android devices administrators can enforce the following policies:
- Device encryption to help prevent unauthorized access.
- A six-digit PIN or password.
- An inactivity timeout period.
- Antivirus and malware protection, and signature updates via Windows Defender or Lookout for Work.
- Auto-updates on Windows 10 devices that include the latest security updates.
- Pushing VPN and wireless settings and certificates to your device.
- Clear separation of business and personal data. Users or admins can selectively wipe corporate data from the device, while leaving personal data such as pictures, personal email accounts, and personal files untouched.
Policies that Intune enrollment doesn’t enable include:
- Tracking or locating an employee’s device.
- Access to personal data contained in SMS, text, videos, pictures, files, phone call logs, personal applications, or messaging services.
- Access to the contents of personal or corporate email. If necessary, as part of the selective wipe process, corporate email accounts can be deleted by Intune to remove corporate email account settings and email messages from a device, but message content is not accessible via Intune.
- A self-service portal gives people the ability to check their system health and to unenroll a device that no longer needs to be managed. For example, if a device has been lost or stolen, the user can either remove Intune management or ask us to do so. When a device is removed, corporate assets are automatically deleted. Devices can be completely or selectively wiped.
- A full wiperestores the device to its factory defaults. This removes all company and user data and settings. A full wipe can be performed on Windows Phone, iOS, and Android devices.
- A selective wiperemoves only company data. The specific data that a selective wipe removes and the effect on data that remains on the device vary by platform.
Monitoring and Real time Reports
- Threat Protection Status (TPS) is single dashboard that provides information on malicious email that was detected and blocked so administrators can adjust policies such as turning up spam filtering. TPS also shows any email messages that had harmful attachments or URL’s that were blocked by the anti-malware engine.
- Auto-Forwarded messages report will show you any email accounts that are automatically forwarding their emails to an external email account. It will show you the user that is forwarding, how many emails were forwarded and to which domain. This dashboard provides insight into any account that may be maliciously forwarding company emails to a 3rd
Data Loss Prevention
With Data Loss Prevention you can identify, monitor, and automatically protect sensitive information across Office 365. For example, if an employee tries to send an email containing a social security number or credit card number, they will be required to first encrypt the email.
Outlook Message Encryption
Employees can easily send encrypted email messages and encrypted attachments from Outlook.
Email Archiving and Retention
Email Archiving and Retention is a cloud-based, enterprise-class archiving solution that provides archiving, compliance, regulatory, and eDiscovery challenges. Emails will always be available to an administrator even if an employee deletes emails from their account.
Azure Information Protection protects sensitive emails and documents giving employees the ability to apply rules and conditions. For example, a document or email marked as sensitive cannot be opened or access by anyone outside of your company.
Advanced Threat Protection
Advanced Threat Protection safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools. ATP includes:
- Sophisticated attachment scanning and AI-powered analysis to detect and discard dangerous messages.
- Automatic checks of links in email to assess if they are part of a phishing scheme. This keeps you safe from accessing unsafe websites.
Go back to MortgageWorkSpace