It is becoming increasingly common for companies to allow staff to work from home and remotely indefinitely, raising questions about how they can protect work data on personal or uncontrolled devices.
Gold Coast IT Support provides the following information to help you work remotely.
We need to apply various protection measures since company data can be lost in a variety of ways across different devices. Let's take a look at the features in Microsoft 365 that can help companies protect their data while users work remotely.
In spite of its name, mobile application management does not only apply to mobile devices, but also to Windows 10 devices. Both managed and unmanaged devices can be protected by Mobile Application Management policies.
Applications like Outlook, Teams, OneDrive and SharePoint that your teams use to access company data are protected.
By restricting these apps, you can stop them from saving, cutting, copying, or pasting data.
You can also require a PIN when the app starts or prevent it from running on a jailbroken phone or tablet.
Using this feature, users can selectively wipe their company data from their device without affecting their personal files. This can be helpful for organizations whose employees access company information remotely via personal computers and mobile devices.
By using Conditional Access, we can restrict non-compliant and unmanaged devices. By blocking access altogether or preventing certain actions like saving attachments in Outlook on the web or syncing files to OneDrive
The same protections can be applied in other ways to apps like OneDrive and SharePoint. By blocking access or only allowing limited access to the web, you prevent users from syncing data with their personal devices
Microsoft Cloud App Security protects more than just Microsoft 365 apps like OneDrive, SharePoint, and Outlook; it also helps safeguard apps like Dropbox Business. You can prevent users from downloading your company data to unmanaged devices by adding protection to third-party apps like Dropbox Business.
Furthermore, apps like Dropbox Business provide their own security measures, allowing you to block access to company data and wipe it from a device when it reconnects.
It is possible to configure idle session time outs on shared devices to reduce the likelihood of unauthorised access to company information. Like your bank, these will sign users out after a period of inactivity.
Cloud App Security includes built-in alerts that trigger when suspicious activity occurs. We can use them to receive notifications about things like mass deletions, mass downloads, and unusual volumes of external sharing
Using data loss prevention, sensitive information can be restricted or subjected to conditions. The policies may be triggered by keywords like project names or sensitive information types like credit card numbers, driver's license details, or tax file information. When a file containing this information is detected, it can display a warning, be blocked from being sent or encrypted.
By using Cloud App Security, we can apply additional data loss prevention measures to third party applications such as Box and Dropbox Business
How will things turn out if all this fails and data is downloaded to a personal, unmanaged device. We can apply sensitivity labels to protect against this. Labels define how sensitive a piece of content is, which can then be enforced as protection for our data. In addition, these protections apply regardless of where they land. Protections built into the file can limit who can access it and what they can do with it. By protecting sensitive emails and documents, you can prevent them from being opened, copied, saved, forwarded, or printed by the wrong people.
It is often possible to apply these protections automatically by scanning for the same keywords and sensitive information types that data loss prevention uses.
By now you can probably tell that there are many things you can do to protect your sensitive data when people work from home. Feel free to contact us for help.