このページはJavaScriptを使用しています。JavaScriptを有効にして、または対応ブラウザでご覧下さい。

Microsoft 365 with KDDI

EMS

Appropriately manage and protect user authentication, devices, applications, data, etc. for enhanced security

Image of Internet bandwidth expansion

Azure Active Directory

Cloud authentication infrastructure that bundles Office 365 and Intune


Authentication infrastructure provided as a cloud service

Since it is provided as a cloud service, authentication can be performed from anywhere, regardless of location.
Business apps can be accessed with a secure environment both internally and externally.


Link with various SaaS apps on the internet

The same method can be used to authenticate various applications other than those provided by Office 365.
Eliminates the need to manage ID/PWs for each application, reducing the risk of ID/PW loss.


Achieve secure Single Sign-On (SSO)

Multi-factor authentication and conditional access can be configured for each user.
Access control can be set according to usage scenarios, such as when using the system from outside the company, or when setting stronger authentication for outsourced employees.

  • * A Microsoft Intune license is required for device-based access control.

Microsoft Intune

Provides mobile device management and mobile app management capabilities


Centralized management of multiple devices

Devices can be centrally managed using the same policy regardless of OS type or device location.


Measures against mobile device theft/loss

Policies can be used to apply appropriate security settings to mobile devices.
In addition, Remote locking and wiping (data erasure) can also deter data theft within the device.


Deployment and protection of business applications

Bulk application deployment to registered devices and protection of application data can deter data from being taken out to non-business applications.

  • * For device-based access control, Azure Active Directory Premium license is also required.

Azure Information Protection

Files on cloud storage or within the device are stored in the
Classify and encrypt to protect data


File classification and encryption

The content of files can be determined based on policies defined by the administrator and encryption can be set automatically.


Control of authority

Set the access permissions for each file category. File sharing can be performed within the scope of intended permissions, including for users outside the company.


Tracking and handling unauthorized access

Tracks file access and revokes access privileges in the event of unauthorized access, thereby protecting internal data from unauthorized removal or loss/theft.

  • * For the automatic labeling function, a license for Azure Information Protection Premium P2 is required.
  • * Azure Information Protection Viewer is required for external users to open encrypted files.

Other functions

Advanced Threat Analytics (ATA)

This is an on-premises solution that detects attacks on credentials and unauthorized behavior, and prevents the occurrence of major damage.
The system monitors the behavior of Active Directory users and notifies the organization's administrators when it detects any unusual behavior or actions involving credentials.


Microsoft Defense for Identity

It is an Azure service that detects attacks targeting credentials for the on-premises Active Directory.
Unlike the above-mentioned ATA, the management server can be managed in the cloud.


Microsoft Defender for Cloud Apps (MDCA)

Cloud Discovery, App Connector, and Proxy Protection.
It is possible to monitor the abnormal operation of the cloud application and user activity, and to control user login and activity.

Inquiries about the Service

KDDI Corporate Sales Representative will consult with you and provide you with an estimate for the introduction.
If you have any questions, please feel free to contact us.