User and customer behaviour is evolving rapidly. Consider how they are sharing important data and how your third parties may be accessing information or collaborating with your team.
The business may be taking products and services online. Look at secure design, data access and deployment of tools for all new services.
Questions that need to be asked and answered
We want to increase our use of cloud and SaaS services, what should we be doing?
Cloud and SaaS are an enabler for business, and the benefits they deliver outweigh the risks if they are designed and secured effectively.
Haven’t got a work laptop, how can I work from home securely?
Your company hasn’t embraced BYOD previously because it was seen as being too risky. Necessity has made it the new normal, and you need to enable users fast.
By following these actions you will better understand your posture and be on track to a more secure business.
Enable BYOD securely and easily
Implement Microsoft Intune to allow users to securely access corporate resources from BYOD devices.
To stop personal apps on BYOD devices gaining access to your company’s information and even passwords, use Microsoft Intune and Azure Active Directory to make sure only managed apps can access corporate e-mail or other Office 365 services.
Properly secure your cloud applications and identities
If you’re not using Multi Factor Authentication (MFA) for services such as Exchange Online, you need to enable it right now. Email compromise is still one of the main avenues of attack. Your account is more than 99.9% less likely to be compromised if you use MFA.
Reduce the number of users who have elevated privileges, and restrict those who do need them to only what they require.
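The two access controls above (MFA for Office 365 and managed apps only on BYOD devices) can be checked against an exported policy set. This is an added example, not code from the original page: it assumes the controls are implemented as Azure AD Conditional Access policies exported in the Microsoft Graph conditionalAccessPolicy shape, the sample policies are constructed, and the function names are hypothetical.

```python
import json

# Constructed sample shaped like Microsoft Graph conditionalAccessPolicy
# objects; the field names follow that schema, the policies are invented.
SAMPLE_POLICIES = json.loads("""[
 {"displayName": "MFA for Office 365 (pilot)",
  "state": "enabledForReportingButNotEnforced",
  "conditions": {"users": {"includeUsers": ["All"]},
                 "applications": {"includeApplications": ["Office365"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
 {"displayName": "Managed apps only on mobile",
  "state": "enabled",
  "conditions": {"users": {"includeUsers": ["All"]},
                 "applications": {"includeApplications": ["Office365"]},
                 "platforms": {"includePlatforms": ["android", "iOS"]}},
  "grantControls": {"operator": "OR", "builtInControls":
                    ["approvedApplication", "compliantApplication"]}}
]""")

MFA = {"mfa"}
MANAGED_APP = {"approvedApplication", "compliantApplication"}

def covers_office365(policy):
    """Enforced (not report-only), all users, Office 365 or all apps; exclusions ignored."""
    cond = policy.get("conditions", {})
    users = cond.get("users", {}).get("includeUsers", [])
    apps = cond.get("applications", {}).get("includeApplications", [])
    return (policy.get("state") == "enabled" and "All" in users
            and bool({"All", "Office365"} & set(apps)))

def enforces(policy, wanted):
    """True if every granted sign-in must have met one of the wanted controls."""
    grant = policy.get("grantControls") or {}
    controls = set(grant.get("builtInControls", []))
    if not controls:
        return False
    if grant.get("operator") == "AND":
        return bool(controls & wanted)
    return controls <= wanted  # OR: every alternative has to be a wanted one

def audit(policies):
    """Return findings for the two controls the text asks for."""
    live = [p for p in policies if covers_office365(p)]
    findings = []
    if not any(enforces(p, MFA) for p in live):
        findings.append("no enforced policy requires MFA for Office 365")
    if not any(enforces(p, MANAGED_APP) for p in live):
        findings.append("no enforced policy limits Office 365 to managed apps")
    return findings
```

On the sample, the MFA policy is still in report-only state, so `audit(SAMPLE_POLICIES)` reports it as a gap even though a policy with the right name exists.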
Extend current DLP capabilities and review policy settings
Data leakage can occur now more than ever, so review current policies and make changes where appropriate.
If you don’t have or use DLP, there’s native capability in Exchange Online as well as SharePoint Online and OneDrive for Business, which you already own. Turn it on in reporting mode first and understand how users use and share information before you move to enforce/block.
Reduce the security friction
Rather than being the blocker of business, work with the business to find ways to allow users to do their jobs remotely and securely.
To provide a better user experience when remotely accessing applications hosted in your own data centre or a public cloud such as AWS, GCP or Microsoft Azure, look at alternatives to legacy VPNs, such as Zscaler ZPA, which provides secure access through a zero-trust security model.