By Alan Kinane
It is time to beware the bad guys who will try and take advantage in security weaknesses of companies now everyone is working from home.
The first challenge as the lockdown came into force was ensuring everyone had the right hardware with a global laptop shortage and employees using office desktops and home PCs to access the network.
With questions over how secure WiFi is and IT department concerns about a lack of visibility over who can access data and systems, it is absolutely vital that multi-factor authentication is put in place.
This means that employees need to authenticate their identity with both something they know (their password) and something they have (a code sent to their mobile phone) in order to log-in to the corporate systems. Microsoft 365 sits on the Azure Active Directory which provides authentication through Conditional Access.
Security settings can be enabled by IT so that a degree of control is enforced as to who is allowed access to which specific company resources, how many times a day an employee needs to log in and which devices they are allowed to access them from.
It only takes one user from home to be in breach and a phishing attack can be successful. We are hearing that there is a lot of activity from criminals who are taking advantage of the Covid-19 situation to target firms. It is time for greater vigilance.
They are trying to impersonate someone from the organisation, perhaps a CFO whose name or email is on their website and so is easy to spoof. An employee receiving, say, a simple request for a payment could easily assume that it is an instruction and do it, with no line of sight from the company.
For those businesses who are not yet in the cloud, they can find that their firewall is no longer big and powerful enough with everyone working remotely, it simply can’t handle that much activity.
This is where the cloud is ideal, and Microsoft Teams is the tool of choice for collaboration and communication. It is secured with modern authentication, while Azure Information Protection enables documents to be shared but not forwarded to someone outside the organisation, if required.
Microsoft Intune is a very powerful device management tool which means that IT departments can control which machines have access to the network – really important when people are using personal tablets or smartphones.
The Bring Your Own device feature means that IT can manage what devices and apps are approved for use and can make restrictions on how they are used, for example blocking copy and paste of documents.
It is Microsoft 365 Business that ticks the box, with AIP and Intune included – it is a great, secure bundle of essential products at a price that represents great value for money.
The sudden shift to employees working remotely means that there are new risks and concerns about the security of your business’s data and information.
My top tips on how to remain secure when working from home are:
We have more insight into how you can protect your customers here.
To contact MicroWarehouse, click here.