Microsoft Enterprise Mobility + Security Reviews

I am a user of Microsoft Enterprise Mobility + Security. It is about mobile device management and asset management. It is largely meant for data security and driving compliances. The solution is also known as Enterprise Mobility and Security.

The solution is easy to set up, which I appreciate. It is largely meant for data security and driving compliances. Ease of use is better and depending on the landscape in every enterprise, I have usually seen Microsoft Enterprise Mobility + Security in all deployments that I have seen so far. It seems to be a good product and solution.

The solution is meeting my requirements. I don't have any direct inputs here, except that stability of the application can be improved. Sometimes it gets hung or restarts multiple times in the background, which consumes battery life. If stability can be improved, it will generally help everyone. These solutions are usually a little expensive. If costs can come down, that will generally help the masses. A reduction of around 30-35% would make it more prompting for people to take that extra jump. Due to budget constraints, I have seen people not going for Microsoft Enterprise Mobility + Security because even if the commercials get discounted for the first year, subsequent years see significant price increases.

I have been using the solution for nine to ten years.

The deployment takes a few days because the complete configuration cannot be completed at one stretch. This is not a limitation of the tool, but relates to the overall preparedness of an organization.

Sometimes the application gets hung or restarts multiple times in the background, consuming battery life. If stability can be improved, it will generally help everyone. On stability, I would rate it six out of ten.

The solution is currently scalable for my needs.

My team members have been working with other solutions. I have worked with other solutions for different deployments, but none that can match Microsoft Enterprise Mobility + Security.

The solution is easy to set up, which I appreciate.

My team members have been handling the implementation.

I have not looked at ROI perspective here because securing the enterprise is the primary concern.

I am using ManageEngine as a tool, specifically Endpoint Central. I am using CrowdStrike Falcon. We are using pfSense for open source. I am using Office 365 and Microsoft Enterprise Mobility + Security V3. The current exposure seems to be fine. I am very happy with it currently. There are no plans to enhance anything as we are waiting for budgets to be cleared. I rate Microsoft Enterprise Mobility + Security an eight out of ten.

I have been selling Microsoft Enterprise Mobility + Security for more than 10 years.

My biggest advantage with Microsoft Enterprise Mobility + Security is that I have really deep knowledge about Microsoft licenses, allowing me to offer our customers some non-usual configurations or special offers because I have experience working in Microsoft and many contacts, helping us to provide the best conditions for long-time contracts.

The installation of Microsoft Enterprise Mobility + Security is quite easy.

Azure Active Directory Premium helps to manage user access and security; it's the basis of our communication and our project, as it's essential for all security for our customers.

Features within Microsoft Intune such as MDM and MAM help to protect data in general. Intune is a general tool for mobility management and device and user management.

The technical support from Microsoft could be better.

Because there are many changes in Microsoft, and most support centers or representatives moved to India, I can share that my experience with support from people in India is not at the expected level. If I compare this support now with two or three years ago, it's definitely worse.

The stability of the solution rates at level eight because the solution from the Microsoft cloud is definitely stable from my experience; there are sometimes issues, but this is the case for all cloud solutions.

The solution is easy to scale because our system engineers are very well trained, and we have many technical specialists who are aware of it. It's easy to use this technology in our customers' projects.

I will be polite and give Microsoft support five points from 1 to 10.

Neutral

In the Czech market, big competitors for endpoint security are ESET and Symantec; these two are definitely noteworthy, and for enterprise customers, CrowdStrike.

It's a difficult question because the Microsoft solution is part of bigger packages. If you pick just a security solution from Microsoft, maybe we can see that the Microsoft price is a little bit higher. However, if you buy this technology as part of a bigger package, the price is acceptable for local customers.

I have to compare with some specific competitors because generally, the features Microsoft Enterprise Mobility + Security offers are good enough for most customers. We can find some single features that are better from other competitors, but as a package, it's from my point of view, the best solution.

Microsoft Enterprise Mobility + Security is a basic part of all of our projects because it's a very important basis for any customer wanting to set up Microsoft technology, as they need to manage all users and devices on a security basis. It's definitely a major part of all of our offers.

It's a difficult question, but if I translate the answer from our customers, it's price. There might exist other solutions from other companies that can be better in some features. But generally, the Microsoft solution has more advantages because they sell this technology as a part of a big package Microsoft 365 E3 or E5. It's a major advantage because if a customer buys this package, they can use this technology from Microsoft, which is good enough compared with other solutions, and it's a part of a package that a customer already buys, making it not sensible to buy other technologies just for a couple of special features.

I rate Microsoft Enterprise Mobility + Security a 9 out of 10.

I am using Defender for Cloud, but not extensively, and we have the workloads turned on.

We are utilizing the full E5 license for users, utilizing Defender for Endpoint and Defender for Server with the whole Microsoft suite.

I am using the Microsoft E5 suite for users.

I can use Microsoft Enterprise Mobility + Security mainly for mail for users, Office for users, and all the collaboration platforms such as SharePoint and Teams.

The conditional access policies improved my operations overall.

Multi-factor authentication is an example of a valuable feature.

The best advantage of the product is that it provides an all-in-one solution.

Collaboration is something I appreciate, though I'm not a big fan of the Microsoft suite.

They should improve dedicated solutions because they offer everything, but you always end up missing something.

As mentioned, certain functionalities are missing, but I don't want to spend more time going into details.

I have been using it for six to seven years.

The support is rated low because you cannot easily reach them, and when you finally do, you won't get anywhere. Without partners or middlemen in the process, you wouldn't get anything done.

Neutral

I do see some ROI. I cannot go far into details about savings, though I have achieved significant savings.

I'm aware that they're all part of the external surface.

I'm not sure if we have the license for Defender External Attack Surface Management, or it might be integrated into the Defender for Cloud.

I do not work with Defender for Identity or Defender for IoT.

The pricing is cheap.

Scalability rates at eight out of ten.

Stability rates at nine out of ten.

My job title is IT Security Analyst.

On a scale of one to ten, I rate Microsoft Enterprise Mobility + Security an eight.

Microsoft Mobility and EMS include Intune for Mobility, which provides mobile device management and mobile application management. With mobile device management, you can control the entire device in an organization. For example, if you have a thousand devices, you can manage them using various available methods. These devices will appear on your portal, and you can effectively manage them.

If not, Intune also supports mobile application management, which means we only protect data that is on third-party devices. For instance, if a user has a company-controlled device, we have full control over it. However, if a user in the organization has a personal laptop and smartphone, we can control how data is regulated on those devices. They won't be able to save data on mobile storage, copy-paste to applications like WhatsApp or Notepad, or copy it to personal email accounts. The user can only copy data between corporate email addresses or copy it to OneDrive for Business. This level of control is provided by Intune.

In terms of security, EMS has Azure Ready Premium One, EMC Three, and EMC Five as its individual components. EMC five offers most of the features and it includes Azure Ready Premium 2. You can also have conditional access policies, which are part of Plan 1. It also has Azure Information Protection for labeling. You can create labels and labeling policies, including auto-labeling policies. There are Plan 1 and Plan 2 options. With Plan 2, you can automatically scan on-premises repositories for labeling. If you have Plan 2, it will label them. In the EMS, we have CASB, which stands for Cloud App Security. It's a Cloud App Security Broker. We refer to it as Defender for Cloud App.

It deals with all the shadow IT subdomains. For example, if you have one thousand users in your organization and you don't know what they are using on their laptops, even if Defender for Endpoint is already installed on their devices or if you are importing logs from the firewall, it will show you all the devices, websites, and applications that the user is accessing.

You can restrict their access, so they won't be able to work on any other devices. You can also identify any uncategorized websites or services being accessed. You can view this information from CASB and set session policies. If you have web applications on-premises, you can integrate with them. You can also integrate with anything that supports SAML authentication.

Furthermore, you can prevent users from copying text from browsers or your application. You can create file policies, activity policies, and session policies based on your requirements.

Additionally, you have Azure Identity Protection, which is also part of Azure Ready Premium 2. It includes features like bank passwords and more. A bank password is something that is not available on-premises. There is also a small agent that you can use to enforce it on-premises. Moreover, there is Azure ATP, which depends on identity.

It's crucial to have it on the domain controller. It investigates every authentication, even if you're authenticating through LDAP or web services. It tracks and verifies against a number of attacks and techniques listed by my tier, which is a nonprofit organization that investigates these attack techniques. They have a catalog or database of these techniques. Azure ATP will verify if any of these attempts are shown and reflect them. So that is Azure ATP for identity.

The identity management team is also included, and Privileged Identity Management is part of it. Along with that, you have access to reviews and event title management. So this is what the EMS offering includes.

Microsoft licensing has always been tricky. There have been several changes in the last quarter, such as the addition of a new SKU on top of the existing ones. The licensing can be messy at times. Apart from that, it's fine. One area where Microsoft lacks is network-level protection. Currently, it focuses on endpoint protection. However, with the shift to remote work, network-level protection has become less relevant since users take their devices home, and there is no physical boundary after COVID. So, investing in network equipment might not be as useful as protecting endpoints with features like EDR (Endpoint Detection and Response) and behavioral monitoring. That would probably be helpful. 

I have been using this product for five years. We have been implementing enterprise-level rollouts for over 15,000 users.

It's Microsoft we're talking about. The platform is generally stable. Occasionally, out of the many components involved, there may be a minor outage or some issues for a few hours. It happens, just like with other vendors. However, it's not to the extent that an entire region goes down. I haven't witnessed such a scenario.

Licenses and overall scaling horizontally are possible. Once you place an order for a specific number of licenses, it will be processed and made available within a few days.

Some of their support representatives are good, but some are very bad. If I don't get the right person, it can be frustrating. It depends on who you get assigned to. If you're fortunate enough to get an experienced person, they can resolve the issue in one call. Otherwise, it can be a drawn-out process. So, in my experience, I've created multiple tickets until I got the right support.

Neutral

It used to be complex, but now it's pretty easy. There are numerous videos and articles available that can guide you through the setup process. Microsoft provides resources that make it accessible for anyone to set up. That's the advantage of using Microsoft products.

The deployment model is mostly on the cloud, about 90%. We work with both on-premises. It's just a matter of reconfiguring. It's a mixed approach, but the majority of things are on the cloud.

EMS is extensive, comprising multiple components. It would take hours to describe the entire deployment process. You only need one or two people for the deployment process. Typically, we assign a single engineer to handle the deployment of all these components for a month.

Let's consider EMS as a licensing model. It's like setting up a home for users. Think of it as a house. You have licenses—let's say you have five licenses. With one license, you set up the plumbing, and with another license, you set up the electricity.

It's entirely different. So assigning an EMS license means you are licensed to use electricity and water, which means you need to handle the plumbing. There are different components and deployment methods. It's not like setting up a server in the traditional sense.

The deployment is done on the cloud. For some components, you need to deploy agents, while others are readily available. Some require enabling analytics, and for others, you need to enable sync. Threat protection requires environment and device hardening, including patching, for example.

The deployment process itself is quick. However, rolling out to all users can be time-consuming. Typically, we complete the initial deployment within a month for a certain number of users or devices. It then becomes the customer's responsibility to roll it out to the remaining users.

Moreover, the maintenance aspect is quite straightforward. It doesn't require much maintenance unless we're talking about specific products like Sentinel or Defender for Endpoint. Once it's configured, it will work smoothly. There might be occasional changes, but they are infrequent, happening maybe once a month. Overall, it is a low-maintenance area compared to other services.

There are a couple of other solutions, like Samsung Knox and Citrix. Although I personally haven't worked with them, we have a team here that implements Citrix. However, I haven't had personal experience with it for the past three years.

In terms of features, Microsoft has a very good strategy because most people are using Windows and Office 365 applications like Excel and PowerPoint. So it seamlessly integrates with devices and services. However, when it comes to pricing, Microsoft has its challenges, and I'm not sure if there are people who appreciate it.

For most organizations, since they are already using Windows and other Microsoft services, implementing EMS from Microsoft is easy, and it seamlessly integrates with application troubleshooting and other functionalities. You already have everything you need, so you don't have to install an agent. It just pushes an extension automatically. Additionally, auto-pilot is a service that is not available with any other vendors. So, yeah, Microsoft is a good choice.

Overall, I would rate it an eight out of ten. 

We use the product for centralized communications. We use chat, SCCM, Azure, Visio Pro, and quite a few other Microsoft applications.

As a business manager, I use it for all the basic stuff. I use Microsoft for, of course, the Office Suite, however, in regard to the Enterprise packaging, I use it for our communications tool. I use it as Teams. I really use Teams for communicating with the department. Other than that, the core licensing and things of that nature, the server items that we have, SCCM, that's more from our server-side. They use it more for server licensing whereas I just use it for the basics of communicating, chatting, and things of that nature. That's the regular Microsoft Office Suite.

The most valuable feature is it's a collaboration tool that we can dump all things in at the same time, and we don't have to go to different locations to search for documents that we want to share among 40 people.

It's great and it is something that is very user-friendly as a whole.  

Microsoft is a very strong product here the brand recognition and trust are high.

You can scale the solution up or down by department.

The stability is good.

My suggestion would be just for IT, for us, to continue pushing it out and making it more knowledgeable and easy to use for those that are not as savvy with technology. We don't want them to overthink just using the basic tools within Microsoft.

The licensing is quite expensive.

We've been using the solution since 2013.

I purchased this in 2013 and it's been pretty stable since then. It's been actually a really great tool. We're becoming more knowledgeable about different things that it can do day by day. We haven't had any issues with it. It's pretty stable.

Microsoft Enterprise is a tool that you can build on, or just scale back for departments that only utilize a very small portion. I only use a very small portion of the Enterprise agreement, however, others within IT use the platform for something much larger or something much more detailed. It can expand or contract to meet different departmental needs. It's a platform you can easily build on.

We have about 1,400 people within our organization using the solution.

I haven't used Microsoft tech support. That said, I am very aware that our server team has, and it's 24/7 support that they can't live without. It seems they have met our needs and overall, the company is very happy with them.

We handled the installation and never had a problem with it. We have 12 system admins that are capable of maintaining the solution.

We installed it ourselves.

The licensing period is three or four years and it's a pretty penny. We get it off a cooperative, meaning we share the cost with separate entities. I don't remember the exact amount.

We are considered a Microsoft partner as we are amongst a group that uses Microsoft Enterprise. It may not be a true partnership per se, however, we've been a customer for over 10 years.

We are level E3.

I'd advise potential new users to just become knowledgeable about all of the products within the platform, so that you do not purchase other items that you already have within Microsoft.

If you take the training before you roll out a large application like Microsoft, it's easier for your customers to understand how to use it.

I'd rate the solution at a nine out of ten.

I use the solution in my company for endpoint management and securing cloud workspace and identities since it allows us to implement conditional access and secure it on an on-premises infrastructure with an ATS server.

The most valuable feature of the solution is the tool's ability to integrate with the rest of Microsoft's products online and on-premises stack.

Since Microsoft Enterprise Mobility + Security needs to deal with the competition from VMware and Ivanti, I visited PeerSpot's website to see how Microsoft can compete with its competitors.

Microsoft Enterprise Mobility + Security lacks some remote-related features that VMware offers its users. In the future, Microsoft Enterprise Mobility + Security should offer some remote-related features that VMware offers to its users.

Microsoft outsources the support services to some of its partners who need to understand that the modern-day users of the product don't live in the 2000s, where they want someone to ask if they have restarted the router or not.

There are certain shortcomings in the licensing model of the product where improvements are required. There is no simple licensing model where my company can suggest our customers purchase a plan that includes every feature in the tool.

I have been using Microsoft Enterprise Mobility + Security for five to six years. My company has a partnership with Microsoft.

It is a stable solution.

It is a scalable solution.

If a user opts for the cloud services for the tool, then from five to five thousand users or more can use the product.

At the time, the support offered by Microsoft was shaky. My company has faced some challenges with so many regions to cover and third-party support services for Microsoft. Despite my company being a partner for Microsoft, we faced some challenges regarding the support part since we couldn't connect with anyone from Microsoft's technical team.

I rate the technical support a five out of ten.

Neutral

Collectively, I have experience with some other similar solutions to Microsoft Enterprise Mobility + Security because I lead one of the departments in my company, which has dealt with some security center products, but everything has changed with BYOD and cloud-related scenarios in the present.

My team takes care of the implementation process of the product as I generally deal with the background of technology. I lead my department as the director of infrastructure services.

The increase in the prices of the product might not be the actual problem, but things become complex with some new plans that were introduced by Microsoft recently. Initially, my company used to have only Microsoft Intune, but now Microsoft Intune Suite is available with features conflicting with the former product since Microsoft allows users to have one feature under one plan and some other feature in some other plan.

There are pros and cons attached to Microsoft Enterprise Mobility + Security, especially compared to Ivanti, which is available in my region for a low cost. When Microsoft Enterprise Mobility + Security is compared with VMware, I don't know how the latter manages to hold up a good reputation in the market. VMware also offers some remote-related features for mobile, which I am sure that not all of the customers use, but that is something the solution brags about.

My company is focused on the technologies offered by Microsoft.

Any organization with a good roadmap should go with Microsoft technologies. Microsoft has a big roadmap in place, without which even Ivanti can give it tough competition in the market. Microsoft is capable of providing the features its customers require. Planning is the key before using Microsoft Enterprise Mobility + Security.

Microsoft has entered into offering endpoint protection tools where it wants to eliminate the purpose of the endpoint firewall to some extent. For Microsoft to achieve the aforementioned goal, it should cover all the features, especially in the area of reporting, which is usually quite complex. You cannot simply get a glimpse with the tool in a single site, and you have to drill down here and there, so I think its control panel is also a bit complex.

I rate the overall tool a seven to eight out of ten.

The product is a unified solution and you don't require to purchase tools from different vendors. The system analyzes behavior and activity and takes steps for protection. 

Microsoft's feature management is based on licenses. Microsoft follows ethical licensing and hence do not restrict the use of it. 

I have been working with the product for three years. 

Microsoft Enterprise Mobility + Security is stable. 

My client has over 10000 users for Microsoft Enterprise Mobility + Security. 

Microsoft's premium support is responsive compared to the basic plans. 

Positive

Microsoft Enterprise Mobility + Security's setup is easy. 

The product is worth its money. 

I would rate the tool a nine out of ten. 

We use the solution to protect endpoints, identity, and data.

The solution's most valuable feature is identity.

The solution's email protection and other security features need improvement. Also, its performance needs enhancement.

We have been using the solution for five years.

The solution is highly stable. I rate its stability a ten out of ten.

The solution is scalable. I rate its scalability an eight or nine.

The solution's technical support could be better.

The solution is cost-effective, offering a single pane to manage different features.

I rate the solution a seven out of ten. Its performance is average. If you have primary use cases, it provides a high standard of security. But for complex requirements, it could work better.

The solution is for MDM and takes care of the mobility and security of all devices. 

The product is centralized and we can use it for security purposes. 

Microsoft Enterprise Mobility + Security is expensive. 

I have been working with the product for two to three years. 

The product is very easy to scale. 

Microsoft's support is good. 

Positive

The product's setup is not complicated but you would require some technical guidance to complete it. I would rate Microsoft Enterprise Mobility + Security's setup an eight out of ten. 

We have to pay 10 dollars per user. I would rate the tool's pricing a six out of ten. 

Microsoft Enterprise Mobility + Security is good and easy to configure. You can find a lot of documentation on the implementation part. I would rate it a nine out of ten. 

A good feature that is present is MAM or Mobile Application Management. We can deploy this feature on the device, which is not managed by the organization. If I apply some security configuration on a personal device, the user would be really disappointed. What we do instead is that we give all access to the applications related to corporate and ask the users to use the application. We secure the application by putting the security features on the applications and not on the users' devices. This way, the users are happy, and we also meet our company's compliance standards. Then, everyone is happy.

The auditing and reporting could be updated and upgraded.

I would like to see light applications because they consume a lot of the device's memory at present.

I've been working with this solution for around four years.

Microsoft Enterprise Mobility Security is a stable solution.

We can force sync so that every device is scalable in configuration.

The configuration is very simple and straightforward. The only thing required is the authenticator app, and Microsoft has released step-by-step guides that are user-friendly.

I would rate pricing at eight out of ten. It is a bit higher because of the security features that Microsoft provides.

In general, I would give Microsoft Enterprise Mobility Security a nine out of ten.