By the summer of 2020, 42% of Americans were working remotely. Other developed countries worldwide experienced a similar migration out of the workplace into home offices and other remote locations. However, while organizations and their employees adjusted to remote work, several security concerns surfaced. Consequently, companies like yours are now looking for more trusted solutions to provide easy access to workers while keeping unauthorized persons away from corporate and client data. One way they are doing that is by using Microsoft Cloud App Security (MCAS) and below are 6 more tips to increase security for your organization.
According to a study cited by the Wall Street Journal, up to 95% of data breaches can be traced back to human error. Human error is a natural part of doing business, but businesses can reduce the types of errors by providing security training. These are some crucial areas to cover in your training program, especially if employees perform remote via their own devices away from the control of in-house IT departments:
Your workers likely already use auto-lock features on their personal devices, but it is especially crucial for your work devices. Remote work is mostly done at home, and leaving devices unlocked is one of the most common forms of human error that provide unauthorized access to family members. Of course, if the work is done outside of the home, there’s the additional risk of unauthorized colleagues and random passers-by. Choosing a reasonable timespan is also important. Some devices can remain “open” for as long as 30 minutes before the auto-lock feature kicks in.
When workers use public networks, the risk of intrusion climbs. This doesn’t mean your employees can’t work in public places or must provide their own hotspot every time. It does mean that they should use virtual public networks and leave this service on. Some devices have built-in VPN services, and some companies provide them as a free add-on after purchasing other products or services. To ensure everyone has a reliable VPN, companies should consider providing one standard option.
Multi-factor authentication is more commonly referred to as two-factor authentication (2FA). This stems from the fact that most companies only require one additional verification to provide access. Workers often turn off 2FA to eliminate the extra step, but this could make systems more vulnerable. Microsoft, Google and several other tech companies have conducted studies showing that MFA and 2FA block 99.9% of hacking attempts.
With remote work, especially for companies that only recently chose to go remote, bring-your-own-device (BYOD) is common. The downside to this is that your employees could end up using the same phone to watch Netflix and play games on third-party apps that they use to conduct business. Some devices, such as Androids and Chromebooks, use sandboxing to get around this. However, the safest approach is to consider separate devices for remote work versus play.
The downside to providing company devices for remote work is that your tech team generally locks them. This prevents workers from accidentally or intentionally making fundamental changes to the system. Unfortunately, updates are fundamental changes, so workers might lose the opportunity to update systems independently. Updates often include crucial security patches based on cybersecurity trends, so consider this when determining restrictions.
Partnering with a trusted Microsoft Cloud Partner can help you tick many of these security items off the list. At 360 Visibility, we can help you improve your remote work collaboration efforts while mitigating cybersecurity risks. Reach out to our experts by phone or email to get a quote or answers to pressing questions. We serve businesses in Canada and the United States.