How To Maintain Security When Employees Work Remotely

COVID-19’s threat to public health is significant. Unfortunately, cybercriminals are already using this global health crisis to their advantage to try to steal sensitive data. They’re counting on cracks in your cybersecurity caused by a hasty retreat to home offices and a patchwork implementation of remote productivity software solutions.

Spear-phishing attacks—attacks that target a specific individual or organization—rose by nearly 700% in March 2020 over the previous month, leading the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA), the United Kingdom’s National Cyber Security Centre (NCSC), and many other organizations to release public warnings about such attacks.

While COVID-related phishing attacks most often target individuals, the threat to your business data becomes clear when you consider how the lines between personal and work-related digital behaviours have blurred given the new reality of many Americans who are working from home. Employees using personal laptops under a BYOD strategy may not think twice about opening a potentially fraudulent personal email while logged into work accounts.

Other attackers are taking advantage of the large numbers of employees suddenly forced to operate outside of traditional corporate network perimeters, passing sensitive company data back and forth between unencrypted home WiFi networks on insecure devices. According to CNBC's survey, more than one-third of senior technology executives stated that cybersecurity risks have increased as a result of their employees working remotely.

The fact is that once COVID-19 is under control, most American businesses will never go back to the way things were pre-2020. While no one wishes for a global pandemic, it is in times of crisis that we tend to see the fastest evolution in technology. Successful organizations will adapt and grow through these challenges, and may very well realize that remote work—securely enabled—is better for their organization and their employees than requiring everyone to be in the office 100% of the time.

Simply put: it’s a mistake to put patchwork solutions in place, hoping that this will all be over soon. It puts your data in grave danger now and ignores that the business landscape has irreversibly changed.

Smart companies will take this opportunity to be forward-thinking and implement future-proof solutions.

For remote workers, security and productivity must go hand-in-hand. If remote security policies cause frustration and wasted time for employees, they will simply work around them. Without employee education and participation, even the most robust security methods aren’t useful or effective.

Employees working from home (or, as public health restrictions ease, from shared spaces like coffee shops, airports, or libraries) must be able to stay compliant with security policies without interrupting their workflows. Businesses that are serious about maintaining security when employees work remotely must choose productivity software with built-in security, with neither feature treated as an afterthought.

If your business is actively seeking a remote work solution that fosters security and productivity, this checklist may help narrow your search. If you’re currently relying on a patchwork of software solutions that leave dangerous gaps in your cyber defenses, this checklist can help you identify an all-in-one solution that can deliver productivity and peace-of-mind while eliminating the IT problems you’re facing today.

The right secure remote work software solution for forward-thinking businesses will:

• Give you (at least) the basic essentials: email, calendaring, mobile document creation and collaboration, team communication, and file storage and sharing.
• Work from anywhere that your employees choose to work, and from a range of devices for companies with BYOD policies.
• Provide built-in tools for managing and authenticating users, including role-based access control.
• Enable multi-factor authentication for enhanced remote work security.
• Help protect users from phishing and business email compromise (BEC) attacks.
• Help protect users from malware attacks.
• Allow for the implementation of a data loss prevention (DLP) policy that can help monitor the transmission of sensitive information and prevent it from ending up in the wrong hands.
• Give users advanced collaboration tools, including video conferencing, whiteboarding, team chat, direct calling, recording and automated transcription options for meetings, and real-time document co-authoring.
• Provide all of the tools your business needs with a layer of embedded security that doesn’t inhibit productivity.

Microsoft 365 delivers an advanced productivity platform with built-in security features that can be scaled to your organization’s needs. Microsoft 365 can securely power remote workforces of all sizes, from small businesses with limited IT resources to enterprise organizations with thousands of employees.

Microsoft 365 includes*:

• Windows 10 Business
• Office 365, which is comprised of all the cloud-based productivity apps that power businesses across the world: Outlook, Word, Excel, PowerPoint, Publisher, and Access.
• Exchange, which provides intelligent email and calendaring.
• OneDrive, the intelligent file sharing and management app for seamless remote collaboration.
• SharePoint, a mobile intranet that lets users easily build dynamic sites to share resources and content for projects, teams, and departments.
• InTune, an integrated endpoint management platform that takes the risk and headache out of BYOD policies.
• Teams, the collaboration platform that keeps remote workers productive and engaged with video and web conferencing, scheduling assistance, screen sharing, chat, whiteboarding, automatic transcription, and more.
• Advanced threat protection and security features that help stop phishing and ransomware attacks, enable multi-factor authentication and conditional access, and restrict the movement of sensitive data.
• Even more intelligent tools to power both remote and on-site work environments, like Bookings and MileIQ.

*not all features available at all subscription levels

Web and video conferencing apps have become more important in 2020 than ever before. In a time when being face-to-face with coworkers and clients is a threat to public health, finding ways to maintain interaction is critical.

Many users of web conferencing tools are finding that solutions that used to work just fine for occasional remote meetings simply aren’t cutting it anymore. It’s easy to ignore a conferencing tool’s shortcomings when you only need it once in a while. When it suddenly becomes your main (or only) method of team communication, those minor annoyances quickly become major problems.

Additionally, users have discovered that some web conferencing apps are putting their cybersecurity at risk.

One app that came under heavy scrutiny was Zoom, which came under fire for allegedly selling off user data to third parties as it saw fit. Zoom rewrote its privacy policy in late March 2020, but didn’t stop collecting significant amounts of user data. In early April 2020, security expert Bruce Schneier learned that Zoom for Windows could be exploited to steal users’ credentials and that Zoom was secretly displaying social media information to other meeting participants.

Video conferencing is just one of the many features of Microsoft Teams, which eliminates security concerns associated with tools like Zoom. Teams offers chat, calling, meetings, file storage, interconnectivity with the rest of the Microsoft 365 suite, compliance controls, advanced authentication capabilities, and more.

Some features of Teams that are exceptionally useful for remote work environments include a whiteboarding app for real-time brainstorming collaboration, automatic searchable meeting transcriptions, meeting time recommendations based on employee availability, and the ability to co-author files directly within the Teams app. All Teams features are protected by the same security protocols as Microsoft 365.

A lot of IT consultants can set you up with remote work tools, but no company can set you up for success and security better than Bulletproof. With more than two decades in the security business, it’s in our DNA. Protecting your privacy and data is built into everything we do.

Users on six continents trust Bulletproof to secure their networks, data, and people. Named 2020 Partner of the Year | Modern Workplace by Microsoft Canada, Bulletproof is proud to be a Microsoft Gold Partner with ten gold competencies. We look at everything we do through the lens of integrating productivity, enablement, and security into the solutions we develop—delivering value, protection, and peace of mind that others simply can’t.