Securing your Remote Work Environment

Written by Matthew Metelsky

June 18, 2020

Today’s SMB IT environment is challenging.

You need to help employees stay connected and productive in a remote, distributed world while keeping your business safe from cyberthreats and data loss.  With employees working from home, across a multitude of personal and mobile devices, and with increased phishing and ransomware due to COVID-19, the shift brings questions and challenges.

  • How do I give employees access to critical on-premises applications from home?
  • How do I protect employees from increased phishing attacks?
  • How do I make sure the devices my employees use are secure?
  • How do I keep confidential data from being left on personal devices?

By enabling remote work with Microsoft 365, we can empower people to stay productive while maintaining security and control.  We can enable people to meet via video conference, communicate in an ad hoc way via chat, and access and co-author via cloud storage.  Yet, to bolster security, we can enable secure remote access while protecting identity, mitigate risk across both personal and company owned devices and, importantly, safeguard confidential business and customer data.

Remote work starts with securing identity and access.

Secure access to work applications.  With Azure Active Directory, we can secure access to work applications and control where, when and who connects to Office applications through Conditional Access; protect against lost or stolen passwords using Azure Mult-Factor Authentication (MFA); and enable your employees to remotely access on-premises applications without opening broad access to your network.

Enable remote desktop access with Windows Virtual Desktop.  Windows Virtual Desktop delivers the only multi-session Windows 10 experience that’s highly scalable and stays up-to-date.  And, with native optimizations for Office, including Microsoft Teams, it provides a positive use experience that can scale in minutes.  When WVD is coupled with capabilities of Citrix Cloud and Virtual Apps and Desktops, user experience is guaranteed.

Protect users against cyberthreats with Advanced Threat Protection including malicious links in e-mail or Teams using real-time AI-powered scanning and broad support to defend against impersonation and spoofing.  Coupled with Defender AV, gain better protection on Windows devices against suspicious processes, such as ransomware.

Secure personal and company owned devices.

Manage work data on mobile devices with Intune to provide Mobile Device Management (MDM) functionality for device management, compliance, provisioning and de-provisioning, including remote data wiping.  Extend capabilities with Mobile Application Management (MAM) to publish and configure applications remotely, integrate mobility platforms with on-premises delivery strategy (such as Citrix), and secure corporate data within mobile applications.

Secure Windows devices with Intune MDM policies to require automatic updates on all Windows 10 devices, enforce Microsoft Defender protections against malware, and require the use of Bitlocker encryption to prevent unauthorized access.

Automate Windows deployment using Autopilot and drop-ship management-ready devices to significantly reduce cost and time in operating system deployment (and bypass traditional image-based deployment strategies).  Autopilot also allows ongoing ability to automate provisioning of applications, configurations and user settings to provide an easy new device experience for end-users.

Safeguard confidential business and customer data.

Protect against accidental data leaks with Data Loss Prevention.  DLP identifies sensitive information across many locations and applications and prevents the accidential sharing of this information while protecting in desktop versions of Microsoft Excel, PowerPoint, and Word.

Control access to your data and documents with Azure Information Protection to dictate whether e-mails or documented can be edited, forwarded, printed, or viewed by non-employees and employees with restrictions and protections that stay with the content regardless of location.

Get visibility into cloud app use with Cloud App Discovery to understand cloud application usage, shadow risk, and the security of your SaaS applications using risk assessments for over 16,000 cloud applications.  Gain insight into usage patterns, high risk users, and prioritize applications to bring under IT control and single sign-on.

Microsoft 365 Business Premium helps you secure your organization’s work from home environment.

  • “With App Proxy and WVD, employees can access critical on-premises applications.”
  • “ATP helps protect from phishing.”
  • “With InTune, I can easily secure personal and company owned devices.”
  • “AIP and DLP help safeguard my data.”

Have a closer look at security concepts and Microsoft 365 Business Premium.

Your New CSO

After rapidly enabling employees to work from home, many businesses are now taking time to assess the security of their remote work environments.  Common questions that come up in these evaluations include:

  • How can we help employees stay safe from COVID-19 themed phishing attacks?
  • How do we keep work files from being left behind on employee home computers?
  • How do I make sure the devices my employees use are secure?
  • Is there an easier way for employees to securely access on-premises applications? How do we enable a good remote desktop experience?
  • How can we do all this while minimizing costs and complexity?

We’d love to talk to you about these and any other questions you may have about securing remote work. There are Microsoft 365 subscription plans available to help improve security in these environments while helping to lower your operational costs, as well as complimentary strategies to take your remote work strategy to the next level.

Contact us now to schedule a 1-hour remote workshop.

[contact-form-7 id=”1913″ title=”Workshop Signup”]


You May Also Like…