Forty percent of employers claim more than half of their workforce will continue regularly working from home even when the pandemic is over.
However, despite the many positive benefits of this new mode of working, it’s clear that cybersecurity issues remain a serious concern. Worryingly, in the UK, cybercrime increased by 31 percent during the pandemic.
Bearing these facts in mind, now's the perfect time to follow our top tips for securing your new hybrid office.
Many employees felt the strain of distributed working during the pandemic-induced remote working boom.
Deploy identity and access management (IAM)
When staff use multiple devices and rely on a long list of applications to get their work done, it’s a challenge to ensure everyone has correct access. However, if you don’t get this right, you risk costly data breaches if staff accidentally leak data or fall victim to phishing attacks.
The answer to this problem? Set up and configure IAM tools and policies correctly in Microsoft 365 and across the rest of your tech stack. If you'd like to find out if access control is a weak point in your business, read our guide here, or take advantage of a Microsoft 365 Secure Health Check.
Perform cyber-security awareness training
With 55 percent of IT leaders believing security training is the biggest challenge with hybrid working, you’ll want to put this high on your to-do list.
In the world of hybrid working, hackers target staff more frequently. Therefore, you must ensure everyone in your organisation is well-trained to avoid malware, phishing emails, and other threats. There are plenty of workshops out there that'll help you cover the bases.
Implement a bring your own device (BYOD) policy
If your staff mix their personal and work lives on the same devices, there’s the inevitable risk of accidental exposure of sensitive data. This makes bring your own device (BYOD) policies a crucial tool in the age of hybrid working.
Your BYOD policy must guarantee security while also facilitating productivity. Policies will vary for each business but can cover everything from a list of approved devices to clarifying which applications are OK to use. Here’s a guide from Microsoft if you’d like further help.
Providing secure access to corporate applications
Naturally, providing your remote staff with secure access to all of their productivity applications is vital. To do this, you'll want to use a virtual private network (VPN). This will create an encrypted connection that will prevent unwanted third parties gaining access. If you're using Microsoft 365, its worth noting that Microsoft recommend a split tunnel configuration.
Another way to secure access is to use software-defined wide-area network (SD-WAN). If you'd like setting up or managing your SD-WAN, you can get help here.
Adopt endpoint detection and response (EDR)
Your company data exists on endpoints and in the cloud. Unfortunately, security issues can infect these endpoints in just seconds. So, why not take advantage of EDR so you can prevent, discover, and roll back a threat to a pre-infected state?
If you take advantage of our services, you’ll enjoy a service that:
- Discovers security issues
- Holds incidents at the endpoint
- Investigates security dangers
- Brings guidance on remediation and remediate (kill, quarantine, delete malicious files and roll back)
Adopt manage, detection and response (MDR)
Most organisations are not aware of data or system compromise until well after the event, typically weeks or months. You need the ability to predict an impending attack or detect that one is happening.
Managed Detection and Response from Claranet can help. It contains the right mix of 24/7 monitoring capabilities and real-time analysis of security alerts generated by your applications, network devices, hardware, and endpoints on your network or in the cloud.
It combines human expertise and technology to continually protect, and it allows you to quickly identify threats and attacks. It also informs you of any breaches and risks, and allows you to rapidly respond, manage and contain the threat.
The service includes:
- Security information and event monitoring software (SIEM)
- Threat intelligence feeds
- A team of expert security analysts who can alert you, as well as advise and discuss the threat with you
Deploy the right applications
Finally, wed like to point out the value of using a strong set of security applications.
These can cover many areas, including:
It's worth mentioning that you'll want to explore the full range of security features on your current productivity applications as well. Here are 10 ways to level up your Microsoft 365 security for additional help.
Fortify your new hybrid office
With 2020 setting the record as the worst year ever for cyber-attacks against UK firms, are you willing to take risks with your IT security?
By deploying the tips we’ve covered – from BYOD policies to EDR/ MDR and incorporating SDWAN – you'll be better placed to ride out the threats that knock at the door.
That said, it can feel burdensome to make these changes when you’ve got other projects on your plate. So, reach out today, and chat with one of our team to see how we could lighten the load for you.