- Mobile working is standard today.
- Companies are no longer protected by the infrastructure in their corporate environment.
- Crucial document data is moving away from centralized systems because it’s easier to work on them on our own document systems.
- Irrelevant, bombastic systems in the corporate environment are holding collaboration back.
- Does it sound familiar?
The 10 security recommendations we should consider while working from home!
- Identity Security / MFA
- Install the latest patches and updates
- Passwords and management
- Build real-time reports of security risks
- Create automated and intelligent alerts
- Install antivirus on all endpoints
- Secure devices and corporate devices (+ personal phones)
- Evaluate regularly which users have access to data, devices and networks
- Track, change and block access for temporary projects and when employees are leaving your company
- Use information protection solutions to protect your data everywhere.
1. Identity protection
- Some facts: 1.2 million Office 365 or Microsoft 365 accounts are compromised each month. This represents 0.5% of all accounts in your environment. Source: theregister-co-uk
- Multi-factor authentication prevents 99.9% of all attacks.
- Activate MFA. It’s easy.
- Run a Microsoft Attack Simulator. It costs 2 hours and will show the potential risk.
- See which account has most likely been compromised through risky sign-ins.
- IMAP, POP3 disablement and implementation of MFA in 1 click? Enable Azure AD Security Defaults.
2. Patching & updates
- Take control of all devices in your organisation with Microsoft Endpoint Manager.
- Take control of mobile devices, or at least use Mobile Application Management to protect your corporate data (iOS, Android, W10, MacOSX, ...).
3. Passwords and management of authentication
- Create a password policy. Check if 100% is during renewals. Enable MFA for everyone. If you don’t, create a policy, for example: IF not with MFA, then set a password of 100+ characters (for applications, not users), etc.
- Microsoft has advised to disable password renewals in this article. I think it’s possible IF you are doing multiple other steps of this article.
- Start using Windows Hello For Business
- Start using Passwordless Authentication
- Start using Self-Service Password Management
4. Create real-time reporting of security vulnerabilities
- Identity risks are in every organisation. Don’t think that your chances are low. Check the facts.
- It is very easy to use ‘risky users’, ‘risky sign-ins’ and ‘risk detection’ to find out real risks.
- Integrate with Microsoft Defender ATP and ATP Sensors to have all intelligence in the Microsoft cloud.
5. Create automated and intelligent alerts
- There is only 1 answer. Microsoft Cloud App Security.
- Create alerts when, for example, 100 files are deleted or copied to Dropbox.
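
A sketch of the alert rule above, as an added example that is not code from the original page or from Microsoft Cloud App Security: it counts per-user deletions and copies to an unsanctioned app in a sliding window over a constructed activity log. The action names, the 10-minute window and the event tuple layout are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 100                  # the page's example: 100 files
WINDOW = timedelta(minutes=10)   # assumed window; the page does not give one
WATCHED = {"FileDeleted", "FileCopiedToUnsanctionedApp"}  # hypothetical action names

def detect_bulk_activity(events, threshold=THRESHOLD, window=WINDOW):
    """Return one alert per burst of >= threshold watched actions by one user.

    events: iterable of (timestamp, user, action, target) tuples, in any order.
    """
    recent = defaultdict(deque)  # (user, action) -> timestamps still inside the window
    alerts = []
    for ts, user, action, _target in sorted(events, key=lambda e: e[0]):
        if action not in WATCHED:
            continue
        q = recent[(user, action)]
        q.append(ts)
        while ts - q[0] > window:        # drop events that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            alerts.append({"user": user, "action": action,
                           "count": len(q), "first": q[0], "last": ts})
            q.clear()                    # re-arm so one burst raises one alert
    return alerts

def sample_events():
    """Constructed activity log for the demo; not real data."""
    t0 = datetime(2020, 4, 1, 9, 0, 0)
    ev = []
    # alice deletes 120 files in about 4 minutes: should alert once
    ev += [(t0 + timedelta(seconds=2 * i), "alice", "FileDeleted", f"doc{i}.docx")
           for i in range(120)]
    # bob deletes 100 files, one every 15 minutes: never 100 inside one window
    ev += [(t0 + timedelta(minutes=15 * i), "bob", "FileDeleted", f"old{i}.txt")
           for i in range(100)]
    # carol copies 100 files to Dropbox in under 2 minutes: should alert
    ev += [(t0 + timedelta(seconds=i), "carol", "FileCopiedToUnsanctionedApp",
            f"dropbox:/x{i}.pdf") for i in range(100)]
    # dave only views files: not a watched action
    ev += [(t0 + timedelta(seconds=i), "dave", "FileViewed", f"r{i}.pdf")
           for i in range(300)]
    return ev

if __name__ == "__main__":
    for a in detect_bulk_activity(sample_events()):
        print(f"ALERT {a['user']} {a['action']} x{a['count']} {a['first']} -> {a['last']}")
```

Slow cleanup (bob) stays below the threshold because old events age out of the window, while a burst is reported once rather than on every file after the hundredth.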
6. Install antivirus on ALL endpoints + go beyond antivirus
- Microsoft Defender ATP, SentinelOne, Norton, McAfee: it doesn’t really matter, as long as you are able to protect all endpoints.
- The second factor is to make sure that your antivirus is enabled. Use a single console. OR use MDATP. Set security alerts so you know when you are at risk.
- Use EDR monitors to detect and respond to advanced attacks in real time.
7. Secure private (personal) devices and corporate devices
- Workstations and portables (with W10, for example) are under control in most companies. Mobile devices are left unmanaged because we don’t know the options.
- With Intune (Endpoint Manager) you can isolate and segment applications without having to manage the device. The corporate applications are under control. The organization’s data is protected. The most important thing is done!
- Choose fingerprint or Face ID, or worst case a PIN code, in app protection.
- Below you may find an example of the Outlook application which is protected by Mobile Application Management. In case organisations are not the owner of these devices this is a great option. And simple to implement.
8. Evaluate regularly which users have access to data, devices and physical network
- Cloud App Security shows you exactly whether data is passing on all endpoints.
- Document data, lateral movements, usage of applications, global traffic, count of applications in use in your organisation. Risk levels, GDPR proof applications..
- Bring network device logging into the CASB to gain more insight.
9. Track and block access for temporary projects or when employees leave the company
- Governance without enforcement is just good advice.
- Create simple written policies, enforce policies.
- Create retention policies for example in a Microsoft Team that removes the team after 180 days.
10. Use information protection to protect your data everywhere
- Use information protection to protect document data. Even if you lose the document “physically”, there are still options to block it from opening and keep it secure from distribution, opening, editing, ...
- Create document data insights from on-premises and cloud solutions with Microsoft Information Protection Policies.
- Security priorities are difficult. However, I would always start with MFA because this is fundamental identity security. Afterwards document and device security. Because companies are moving to Teams during Covid-19. And you don’t want data leakage during this time.
- If your identity is not secure, and compromised, there is no point in doing information protection. Because a ‘hacker’ will use your accounts to access your corporate data.
- Use Microsoft Securescore.microsoft.com as guidance. Extract your priorities.
- Let’s do it!