Insync Blogs , | 2020/04/15 at 10:55am

Finding the right balance of security as Australians shift to work from home – why a happy medium beats the short- and long-term options

As we continue to grapple with how Covid-19 is reshaping our daily life, millions of Australians have traded the office for their home. As a result of the shift, businesses have been quick to adopt or extend Modern Workplace technology to ensure staff can continue to work productively and efficiently from home. Fast adoption is now a necessity, not an option.

The process of rolling out new apps or platforms, usually staggered to strengthen understanding and increase adoption rates, has been rushed. This can lead to businesses making decisions based on an immediate need, where usually they would have a longer-term strategic focus.

This is especially problematic when considering security and governance in your new Modern Workplace. Think short-term and you will create larger problems for your business down the track; think long-term and you could hinder or slow down current work productivity by overcomplicating things. Here are our top three recommendations for the happy medium when it comes to security.

1. Sharing files – the golden rules

Don’t create copies of files to take home. This results in multiple versions of the same document being in circulation. Staff have no way of knowing if they are accessing and editing the most current version. In addition, content can be downloaded to untrusted or unmanaged devices that are not in line with your security standards.

This is a security and compliance issue because nobody knows who has which files and it becomes hard to track how the multiple versions are being accessed. It also causes confusion and can reduce productivity when staff have to redo work that has been completed on the wrong version.

Do migrate your files to OneDrive and SharePoint. To avoid staff copying files, ensure your documents are saved in the Cloud and accessible to all those that need them. This will then remove the urge to copy files. Staff can share documents by sending links to each other, instead of uploading versions.

2. Office 365 creates an automatic audit of file and app activity

Establishing the right security processes and permissions for an organisation that has moved to Office 365 is a time-consuming process. And if you do not have time on your hands, it can again be an efficiency obstacle for staff. However, Office 365 automatically creates an audit trail of every interaction in your Office 365 ecosystem.

Therefore, a good interim security solution until you nut out a complete security model, is to move as much work as possible into your Office 365 environment. For example, if you are using SurveyMonkey, replace this with Forms. This will then allow you to monitor and identify how staff access and use different apps. Having this information will allow you to design and deploy a security model based on user proof points. Additionally, it keeps the data inside your environment, as opposed to on a third-party service with a separate username & password, that is beyond your control.

3.How to roll out Multi-factor Authentication

Last but by no means least, multi-factor authentication, or MFA for short. Whilst MFA is not a new concept, it is particularly relevant for staff working from home on their own devices. The move away from offices will often mean an influx of untrusted devices as staff use home laptops and PCs. As a result, it is incredibly tempting to roll out MFA as quickly as possible, to ensure your data, devices, identities and network are secured.

If your staff have already been introduced to MFA and are familiar with the process, this is fine. However, if MFA is a new requirement for your staff do not try and force it on staff members who are already working well outside of their comfort zones.  Instead, break the rollout into two phases:

  1. Enable: Set up and prime your MFA. Ensure you have allocated the right permissions to protect the right identities. Test the process and create a process around how staff should enrol on your office network.
  2. Enforce: Once prepped, roll out the MFA slowly. Whatever you do, you do not want to make working from home harder.
Upskill your staff with the everyday essentials of Office 365

If you have recently rolled out Office 365 or introduced new apps as a result of staff moving to work from home, Insync Technology has created a four-week remote course designed to enhance existing staff knowledge and user experience.

To find out contact Insync today.