- Articles
- How to use the cyber-security features in Mic...
Table of Contents
Due to the worldwide COVID-19 coronavirus outbreak, almost all industries have experienced a sudden need for remote working tools. With more people than ever working from home due to “social distancing” in an effort to stop the potential spread of COVID-19, companies are faced with a potential spread of malware against their newly-homebound employees. Much of this concern stems from employees using their personal devices to access professional software at unprecedented scale. For example, even when your employee is using a work-issued laptop and virtual private network (VPN) to connect to the corporate network from home, a poorly-secured home Wi-Fi router or a family member’s device could infect—digitally, of course—your work-issued laptop.
Microsoft Teams, the cloud-based business collaboration app built into Microsoft Office 365, has become extremely popular for employees working from home. In fact, Teams usage skyrocketed from around 32 million users per day to over 44 million users in just one week in mid-March 2020. As businesses large and small rush to enable employees to work from home, apps such as Microsoft Teams will be critical to keeping workers engaged and connected.
While there are numerous options for online business collaboration apps, the key advantage of Microsoft Teams is its underlying hyperscale, enterprise-grade cloud infrastructure that delivers advanced security and compliance capabilities. For the small-to-midsize businesses (SMBs) who need to quickly get their employees working from home, Microsoft Teams’ built-in cyber-security features are crucial factors to consider for both corporate IT managers and financial decision-makers.
Amaxra consultants successfully deployed Microsoft Teams to SMBs for almost three years and point to three key cyber-security features that help employees stay safe whilst working from home:
Multi-factor authentication
Multi-Factor Authentication (MFA) is a cyber-security enhancement that requires every user to present two or more personal credentials when logging in to an account. By requiring multiple credentials for authentication increases the overall security of user logins for not just the Microsoft Teams app but to all Office 365 services. With MFA for Office 365 enabled, logging into the Microsoft Teams app requires the user to correctly type in their password then acknowledge a secure phone call, text message, or an app notification on their smartphone. Only after this second authentication factor has been satisfied can the Teams app be used. When configured, Teams enforces MFA for logins of all users your entire organization no matter what location the user accesses their Teams app. This is important because the global availability of Microsoft’s cloud infrastructure means your remote workforce does not require a separate VPN app to access data such as chat messages in Teams, emails and calendar appointments in Microsoft Outlook, and files stored in Microsoft SharePoint folders.
An added benefit of storing data in the Microsoft Cloud is encryption of your data both in transit (e.g. when you hit “Send” on a Teams chat message or initiate a video call, that data is “in transit”) and at rest (i.e. stored in a SharePoint folder in the cloud). Requiring MFA for Teams logins coupled with data encryption dramatically improves a remote worker’s account security.
To learn how to configure MFA in Office 365 and Teams, view the on-demand video replay of our October Amaxra TechTalk.
Blocking malware with Advanced Threat Protection (ATP)
Opportunistic criminals are exploiting the panic and fear brought on by the coronavirus crisis. Hackers are creating COVID-19 tracking websites and apps that lure people seeking information about the spread of the disease then spread malware such as ransomware to their devices. Fortunately, Microsoft offers Advanced Threat Protection (ATP) to help detect and block files that are identified as malicious.
When activated, ATP cyber-security uses cloud-based artificial intelligence to protect your shared files and communications whether initiated in Microsoft Teams, Exchange Online, SharePoint, or OneDrive cloud storage. Enabling ATP for your remote workforce provides:
- Protection for all users in your organization against unknown malware and viruses by providing robust zero-day protection
- Advanced features to safeguard your remote workforce against harmful hyperlinks that initiate downloads of malware and ransomware
- Detailed data analytics and reporting that your IT department can use to track down potential security vulnerabilities in your remote work setups
ATP is 100% based in the cloud and does not require any special hardware or software to be downloaded to a remote employee’s laptop. However, it’s important to note that ATP is sold as an add-on for all Office 365 for Business and most Office 365 Enterprise plans. While ATP is part of the most expensive Office 365 Enterprise E5 subscription plan, Amaxra consultants find that it’s more cost effective for our customers with Office 365 Business to upgrade to Microsoft 365 For Business. This upgrade is less than an Office 365 Enterprise E5 plan and pays for itself quickly because it:
- Adds the same ATP cyber-security features found in the most expensive Office 365 E5 plan to your existing Office apps and
- Provides free upgrades to the latest secure version of Microsoft Windows 10 Pro for all users in your organization.
Having the most up to date version of Windows 10 Pro on all employees’ PCs adds another crucial layer of security needed when working from home.
Keep sensitive data safe and stay compliant
Companies subject to industry and governmental compliance regulations often have policies in place that keep sensitive data safe in the cloud. Doctors and lawyers are prime examples of SMBs required to prevent the sharing sensitive and personally-identifiable patient and client data. Tech companies and financial services are also required to operate with various industry and/or regulatory frameworks—often tied to keeping customer data in a specific geographic region such as the General Data Protection Regulation (GDPR).
Businesses using Microsoft Teams for online collaboration are safe because Microsoft built the underlying cloud infrastructure to be compliant with the top frameworks such as ISO 27001, ISO 27018, SSAE16 SOC 1 and SOC 2, HIPAA, and EU Model Clauses (EUMC). Microsoft ensures all Office 365 apps and services meet these various industry-leading compliance commitments by default. Your organization can customize exactly how and where data is stored and used within these various frameworks in Microsoft Teams and other Office 365 apps going to https://protection.office.com and logging in with admin credentials—and MFA, of course.
Connect your employees with Microsoft Teams
While remote collaboration has become essential for the work-from-home corporate mandates to help slow the COVID-19 outbreak, don’t think of using Microsoft Teams as a “temporary fix” for your employees. A Microsoft Teams collaboration solution from Amaxra can fundamentally change how your business operates, helping to transcend geographic boundaries and make everyone in your organization work more efficiently and securely no matter where they are and what device they use.