The question: Does working from home threaten our security? The answer is yes and no. Not very helpful I know but let me explain.
If your business is securing your applications and devices by keeping everything on-site sat behind your firewalls, email and web filters then yes. As effectively, you’re taking your device outside of your castle walls where everything is safe and secure and connecting your device from the wilderness outside your control. However, there are ways in which you can increase security for remote devices, but it does involve adopting a security in-depth model rather than perimeter defence method. For this you must think about all factors that need securing and defending, adopting the approach of “assume breach” posture. This means that despite all the protections we put in place, we assume systems will fail or people will make mistakes, and an adversary may penetrate our infrastructure, applications and services.
Depending on what Microsoft 365 plan you have, you have several security technologies available to secure your users, devices and data. Having an E5 plan gives you a huge amount of great security products that can secure you against cyber threats of any size, but even the other plans give you lots of great features that will make you safe.
Our top suggestions for secure home working
- Enable Multi Factor Authentication – for all users (preferably with condition access policies)
- Enable Self-Service Password Reset – This helps avoid staff writing passwords down, sharing them or picking easily guessable ones (trust me it happens)
- Microsoft Information Protection – Configuring this will help protect your organisations most sensitive data.
- Intune – Protect your devices and applications on those devices, ensure devices meet a certain level of compliance is essential to avoiding threats
- BitLocker – Encrypting your devices is essential for protecting you against theft or loss
MFA is a must for any Office 365 environment and one we would heavily advocate. The Register has reported an increase in successful attacks on Office 365 tenancies this month.
Another key element to securing your remote devices is ensuring they get security patches and updates. This is straight forward to enable with Windows 10 and Endpoint Manager. Following this is ensuring you have adequate Anti-malware software, again this isn’t a concern with Windows 10 devices as they come with Microsoft Defender baked in.
If you have Enterprise Mobility and Security E5 licenses or the full Microsoft 365 E5 you have a lot of amazing security and compliance products that can meet your security demands while allowing productivity from your remote staff. These licenses include Microsoft Cloud App Security, Microsoft Defender Advanced Threat Protection, Azure Advanced Threat Protection, Office 365 Advanced Threat Protection, Identity management and many more products beside. These solutions will secure your SaaS apps, data, infrastructure, admins and users against external and internal threats.
If you want to know more about securing your home workers or adopting a Defense in Depth posture reach out to us at SBL for a free consultation.