Our Blog

02

Apr

Securing the newly remote workforce

I was speaking with the team the other day about the rapidly changing environment that we are in. We discussed what we were doing to get customers enabled for remote working and certainly Microsoft Azure Windows Virtual Desktop and Microsoft Teams are part of this. However, we quickly turned to the topic of security.

Securing the newly remote workforce

It’s all well and good to be remote working but having a lot of people suddenly working from outside the office network presents a new set of security issues - not the least of which is the fact that our people are no longer “within the security perimeter”.

Let’s see an example: last week Jim sat at his desk and used his computer, logging into our systems. We could see Jim; we could go and say hi to him. This week Jim is somewhere else (hopefully at home practicing social distancing). We can’t see Jim. When Jim is logged in how do we know it is really him? For all we know Jim may have been phished.

For hackers the current scenario of large rapid change is Christmas come early - just see what the ACCC had to say about it in their Warning on COVID-19 scams.

And it’s not just about phishing. We now need to be sure that the device Jim is working on is secure. If Jim is using a corporate device, we still need to ensure that it is patched just as if it was still in the office. Many people will be using their own devices to access corporate systems and this presents a risk in itself.

Even if Jim is only using a corporate device it is likely on the same home network as other non-managed devices. Hackers are likely to target these home devices knowing that they are either being used to access corporate systems or are at least on the same home network such that they could then attempt to hack into the corporate device (what the security world call “lateral traversal” in the home network).

Security experts will point out that this has always been a problem with a remote working situation, so what’s changed? The fact that nearly everyone is working from home, that’s what’s changed. From a hacker’s point of view there’s a lot more phish (sorry) in the pond.

We would recommend that customers start to tackle these problems almost immediately. We recommend using Microsoft Intune for managing devices along with Microsoft Defender Advanced Threat Protection (ATP) as a leading endpoint protection service. Multifactor Authentication is also a critical piece of the security puzzle (we have included this in our Windows Virtual Desktop offer).

A more recent offering from Microsoft is Azure Sentinel. Azure Sentinel uses the logs from Microsoft security services (and other security services) with advanced AI and security analytics to detect, hunt, prevent, and respond to threats across these services. Even better is, all of this information is surfaced within a single portal.

Upcoming webinar

We will be running a webinar with our expert security team who have both designed and implemented security solutions and have been called in to help both commercial and public sector customers recover from a security breach. The format will be similar to our recent WVD and Teams webinar where we provide some insight into how the Microsoft security suite across Azure and Microsoft 365 can be applied to secure your newly remote workforce, followed by answering the questions raised during the webinar.

Register for this webinar now.

 

This blog is part of the #ReimagineWork series. For more experts' insights, clients' experiences and to download our datasheets, click the banner.

For more experts' insights, clients' experience and to download our datasheets, click the banner #datareimagine

Posted by: Darren Christophersen, General Manager Modern Workplace, Digital, Data & AI | 02 April 2020

Tags: Contingency Plan, Continuity Plan, COVID-19, Emergency Response, Remote work, Windows Virtual Desktop, #ReimagineWork


Top Rated Posts

Blog archive

Stay up to date with all insights from the Empired blog