4 Security Solutions for Organisations that are Remote Working - Part 2
Following on from Part 1 last week, with everyone working remotely, identity has become new focal security threat plane.
What is even more concerning is that once an identity is compromised it takes an average of 146 days to detect an attacker within a network and that over 81% of network intrusions are due to compromised user credentials.
So now we’ve settled into the rhythm of remote working, we can look at ways to increase our security posture and protect our critical assets.
Last week we mentioned 3 fundamental solutions: Multi Factor Authentication, Conditional Access and Azure Information Protection that protects your data independent of whether it is internal or external to your network.
Here are 4 more critical solutions that both support end user’s productivity while delivering the security you need:
1. Cloud Application Security – up to 80% of employees use non sanctioned applications. Now that employees are accessing resources and apps from outside your corporate network it’s no longer sufficient to have rules and policies on your firewalls. Shadow IT or as some users call it “getting stuff done” can be particularly pervasive in times of change. IT will only find out later on when something inevitably goes wrong. The solution to this is to use a Cloud Application Security Broker or CASB such as Microsoft’s Cloud Application Security solution (MCAS). MCAS will:
a. Discover – it will show you what Cloud Apps your staff are accessing.
b. Assess – determine the app’s compliance against agreed upon risk factors.
c. Control – allow you to non-intrusively control access to these applications and overlay policies across data and files.
2. Single Sign On (SSO) – secure SSO is a key enabler for remote working. Having to sign in every time you log in to an application is a great way to frustrate users.
There are many great secure SSO and password management solutions. Azure Active Directory is an excellent one and SSO for 10 applications is part of the free version of Azure AD.
It scales to 1000’s of applications in Azure AD premium 1 or P2. A critical part of this is enforcing strong password policies and regular password changes.
3. Mobile Application and Mobile Data Management – There are many solutions that will enable you to facilitate BYOD, which are especially useful in times like these as many employees will be logging in from their own devices.
MDM -which most of you already have- will only enable you to enforce limited device level policies. What is more important is being able to allow users to access applications and data from their own devices, while you quarantine (excuse the pun) corporate data and applications.
User’s personal data and applications are completely separate from a security perspective and you can block data transfer and visibility between them. Virtual Desktops are another popular enabler of BYOD.
New cloud-based solutions like Microsoft Intune for Hybrid Device Management and Azure Virtual Desktops are easy to deploy and activate.
4. AI/ML analytics-based monitoring and protection tools – automated solutions like Azure Advanced Threat Analytics with Advanced
Threat protection are critical in a time when hackers are also using the power of the cloud and AI to hack users identities. Solutions Like Microsoft Azure Advanced Threat Protection learn your Users “normal” behaviour and then can identify and advise IT based on policies (that you set) when malicious activity is occurring.
This can be things like logins from unlikely locations (where travel time would be longer than the location of the last log in), known “bad” IP addresses”, legacy browsers and many others.
These integrate with Conditional Access and MFA to ensure you can protect you organisation and can enforce a password reset or a second form of authentication.
For Microsoft shops all these solutions complement and integrate nicely with each other.
For example, Single Sign On, Multi-Factor Authentication with Conditional Access and the Cloud Application Security, all can be either deployed as stand-alone solutions and when deployed together, integrate and add value to each other.
Many of these security solutions are bundled in Office365 E3 and E5 packages and all of them are in the Enterprise Mobility and Security Suite. Microsoft is rebranding Office365 for Business to Microsoft365 for business for organisations with less than 300 users on April 21.
This means that if you own Office365 for Business you will already own 90% of the above solutions. See link below for details.
If you are interested in our other Cloud, Infrastructure and Security related Blogs please click here.