How To Maintain Security When Employees Work Remotely

COVID-19’s threat to public health is significant. Unfortunately, cybercriminals are already using this global health crisis to their advantage to try to steal sensitive data. They’re counting on cracks in your cybersecurity caused by a hasty retreat to home offices and a patchwork implementation of remote productivity software solutions.

Spear-phishing attacks—attacks that target a specific individual or organization—rose by nearly 700% in March 2020 over the previous month, leading the Canadian Bankers’ Association, the Canada Revenue Agency, and many other organizations to release public warnings about such attacks.

While COVID-related phishing attacks most often target individuals, the threat to your business data becomes clear when you consider how the lines between personal and work-related digital behaviours have blurred given the new reality of many Canadians who are working from home. Employees using personal laptops under a BYOD strategy may not think twice about opening a potentially fraudulent personal email while logged into work accounts.

Other attackers are taking advantage of the large numbers of employees suddenly forced to operate outside of traditional corporate network perimeters, passing sensitive company data back and forth between unencrypted home WiFi networks on insecure devices. Nearly one in five Canadian businesses was impacted by cyberattacks in 2018 and 2019. Given the new challenges businesses face in 2020, that number is certain to rise. And, more than ever, SMBs can’t afford to absorb the consequences of a data breach.

The fact is that once COVID-19 is under control, most Canadian business will never go back to the way things were pre-2020. While no one wishes for a global pandemic, it is in times of crisis that we tend to see the fastest evolution in technology. Successful organizations will adapt and grow through these challenges, and may very well realize that remote work—securely enabled—is better for their organization and their employees than requiring everyone to be in the office 100% of the time.

Simply put: it’s a mistake to put patchwork solutions in place, hoping that this will all be over soon. It puts your data in grave danger now and ignores that the business landscape has irreversibly changed.

Smart companies will take this opportunity to be forward-thinking and implement future-proof solutions.

For remote workers, security and productivity must go hand-in-hand. If remote security policies cause frustration and wasted time for employees, they will simply work around them. Without employee education and participation, even the most robust security methods aren’t useful or effective.

Employees working from home (or, as public health restrictions ease, from shared spaces like coffee shops, airports, or libraries) must be able to stay compliant with security policies without interrupting their workflows. Businesses that are serious about maintaining security when employees work remotely must choose productivity software with built-in security, with neither feature treated as an afterthought.

If your business is actively seeking a remote work solution that fosters security and productivity, this checklist may help narrow your search. If you’re currently relying on a patchwork of software solutions that leave dangerous gaps in your cyber defences, this checklist can help you identify an all-in-one solution that can deliver productivity and peace-of-mind while eliminating the IT problems you’re facing today.

The right secure remote work software solution for forward-thinking businesses will:

• Give you (at least) the basic essentials: email, calendaring, mobile document creation and collaboration, team communication, and file storage and sharing.
• Work from anywhere that your employees choose to work, and from a range of devices for companies with BYOD policies.
• Provide built-in tools for managing and authenticating users, including role-based access control.
• Enable multi-factor authentication for enhanced remote work security.
• Help protect users from phishing and business email compromise (BEC) attacks.
• Help protect users from malware attacks.
• Allow for the implementation of a data loss prevention (DLP) policy that can help monitor the transmission of sensitive information and prevent it from ending up in the wrong hands.
• Give users advanced collaboration tools, including video conferencing, whiteboarding, team chat, direct calling, recording and automated transcription options for meetings, and real-time document co-authoring.
• Provide all of the tools your business needs with a layer of embedded security that doesn’t inhibit productivity.

Provide all of the tools your business needs with a layer of embedded security that doesn’t inhibit productivity.

Microsoft 365 delivers an advanced productivity platform with built-in security features that can be scaled to your organization’s needs. Microsoft 365 can securely power remote workforces of all sizes, from small businesses with limited IT resources to enterprise organizations with thousands of employees.

Microsoft 365 includes*:

• Windows 10 Business
• Office 365, which is comprised of all the cloud-based productivity apps that power businesses across the world: Outlook, Word, Excel, PowerPoint, Publisher, and Access.
• Exchange, which provides intelligent email and calendaring.
• OneDrive, the intelligent file sharing and management app for seamless remote collaboration.
• SharePoint, a mobile intranet that lets users easily build dynamic sites to share resources and content for projects, teams, and departments.
• InTune, an integrated endpoint management platform that takes the risk and headache out of BYOD policies.
• Teams, the collaboration platform that keeps remote workers productive and engaged with video and web conferencing, scheduling assistance, screen sharing, chat, whiteboarding, automatic transcription, and more.
• Advanced threat protection and security features that help stop phishing and ransomware attacks, enable multi-factor authentication and conditional access, and restrict the movement of sensitive data.
• Even more intelligent tools to power both remote and on-site work environments, like Bookings and MileIQ.

*not all features available at all subscription levels

Web and video conferencing apps have become more important in 2020 than ever before. In a time when being face-to-face with coworkers and clients is a threat to public health, finding ways to maintain interaction is critical.

Many users of web conferencing tools are finding that solutions that used to work just fine for occasional remote meetings simply aren’t cutting it anymore. It’s easy to ignore a conferencing tool’s shortcomings when you only need it once in a while. When it suddenly becomes your main (or only) method of team communication, those minor annoyances quickly become major problems.

Additionally, users have discovered that some web conferencing apps are putting their cybersecurity at risk.

One app that came under heavy scrutiny was Zoom, which came under fire for allegedly selling off user data to third parties as it saw fit. Zoom rewrote its privacy policy in late March 2020, but didn’t stop collecting significant amounts of user data. In early April 2020, security expert Bruce Schneier learned that Zoom for Windows could be exploited to steal users’ credentials and that Zoom was secretly displaying social media information to other meeting participants.

Video conferencing is just one of the many features of Microsoft Teams, which eliminates security concerns associated with tools like Zoom. Teams offers chat, calling, meetings, file storage, interconnectivity with the rest of the Microsoft 365 suite, compliance controls, advanced authentication capabilities, and more.

Some features of Teams that are exceptionally useful for remote work environments include a whiteboarding app for real-time brainstorming collaboration, automatic searchable meeting transcriptions, meeting time recommendations based on employee availability, and the ability to co-author files directly within the Teams app. All Teams features are protected by the same security protocols as Microsoft 365.

Ensuring that your Microsoft 365 solution is deployed properly is key to creating a secure and productive remote work environment. Beyond basic deployment, training your employees on how to work securely (in a way that doesn’t interfere with their workflows) ensures you’ll get the most out of your secure remote work software investment.

Like any smart business investment, deployment of Microsoft 365 isn’t a set-it-and-forget-it solution. Your cybersecurity plan must evolve along with the threat landscape—which, as we’ve seen, can change rapidly in response to significant global events. And, while advanced security features can automate some IT functions, the people who make up your remote workforce will inevitably find themselves in need of IT assistance.

Enter Bulletproof 365, the most comprehensive and secure productivity solution of them all. It’s leading-edge security, employee training, and support services from a Microsoft Gold Partner wrapped around Microsoft 365, resulting in the most secure cloud services package for Canadian businesses.

Time + Space Media (T+S) is a marketing agency based in Halifax, Nova Scotia. They work with clients and partners across Canada and around the globe in a variety of industries to develop and manage strategic, successful marketing campaigns.

The Business Challenges

In 2018, T+S was targeted by phishing emails on an almost weekly basis – ones that appeared more and more legitimate with each attempt. The agency had an internal IT person, but with a growing business, their capacity to manage the volume of day-to-day requests was strained. T+S were early adopters of technology, including Microsoft 365 Cloud solutions. But to get the most out of Office 365, users needed the proper training to use the tools and applications effectively, and they needed technical help and support to quickly answer questions and resolve any issues so that staff could keep working without lengthy disruptions.

The Solution

T+S viewed security and cloud productivity as two separate pieces they needed to invest in to solve their business challenges. Bulletproof introduced T+S to a powerful turnkey solution: Bulletproof 365. This product delivered the power of the world’s leading productivity platform wrapped in leading-edge cybersecurity, unmatched employee education, and 24 x 7 IT support. Bulletproof 365 was a perfect match for their needs and provided all the pieces to solve their business challenges, including:

• Expert cybersecurity protection.
• 24 x 7 technical support for their users and IT Manager.
• Upgrade to a secure Windows 10 operating environment.
• Employee onboarding and education modules to empower staff and accelerate adoption.
• Security Aware training to educate employees on cybersecurity, transforming them from targets to active defenders of organizational security.
• Seamless integration from configuration to roll-out, making it easy for T+S to manage change.
  
  

The Result

Today, with Bulletproof 365 in place, T+S has the protection they needed, the productivity tools and cloud technology they wanted, and the peace of mind they were missing before Bulletproof 365. 24/7 helpdesk support has reduced the load on their IT Manager and significantly shortened response time to user problems or questions. The increased security protocols also helped T+S qualify for the cybersecurity insurance they needed. They now reference Bulletproof 365’s security and protection as a selling point in new business RFPs.

A lot of IT consultants can set you up with remote work tools, but no company can set you up for success and security better than Bulletproof. With more than 17 years in the security business, it’s in our DNA. Protecting your privacy and data is built into everything we do.

Our full-service Microsoft Team has deep experience setting up, customizing, and migrating businesses to the cloud, and our track record is impressive: more than 20 million files and 100,000 users migrated so far. We are proud to be a Microsoft Gold Cloud Partner.

Our security pedigree is second-to-none, protecting more than 70,000 users and networks on six continents. Our 24x7 Service Desk supports over 50,000 users and over 10,000 network devices in more than 300 client offices around the world.