The Coronavirus, or COVID-19 pandemic, will be with us for a while, and is already changing everything – including IT and how work is done.
The efficient functioning of IT systems is critical to the world economy, employees’ sense of purpose (not to mention bank accounts), and maintaining the infrastructure critical to keeping health care, government, transportation and utilities all operating.
That means there is immense pressure on IT professionals, who we count on to make all this work. The challenges are massive. IT is not only responsible for maintaining the status quo, but at the same time driving massive change, largely around a workforce often unable to perform their duties in the office. Employees need their productivity software to keep running smoothly, of course. But even more so, they require collaboration and communication software to be an effective member of a team – even when physically dispersed.
Mature IT organizations are already on top of collaboration, with strong Digital Transformation Initiatives driving new ways to work. With Coronavirus, and the expectation that another crisis is only a matter of time, Digital Transformation is no longer a NICE thing to have, but a MUST do. Coronavirus is literally forcing the Digital Transformation issue – and Microsoft Office 365 and Teams is at the center of this movement.
The CoreView Milan Office Story
CoreView, founded in Milan where we have a dozen or so workers, is already a Teams devotee. Thanks to Teams, our Milan crew is working at 100% capacity even though our office has been closed for over a week. Learn more in our blog CoreView Milan Team Keeps Working Despite Coronavirus Lockdown, or the TechTarget article Remote Work Shift May Boost SaaS Management Platforms. As an Office 365 SaaS Management Platform (SMP) vendor, we make deep use of Teams and other O365 services.
With Teams, CoreView employees not only ARE connected, they FEEL connected. Here are nine ways to drive a safe, Digital Transformation for your remote worker force.
1. SaaS is Your Friend
Many companies in Coronavirus-stricken areas such as Italy and the Pacific Northwest already demand people work remotely, and more regions are asking the same as a precaution. If you are not in this situation, your time may unfortunately be coming.
If your workers use on-premises productivity software, you should consider a SaaS solution such as Microsoft Office 365 or Google G Suite. This way, employees can work from anywhere, and any device.
There is a bit of great news. Microsoft is giving away a full version of Office 365 free for six months. This SaaS productivity suite includes Microsoft Teams, which offers Voice over IP (VoIP), chat, file sharing, video meetings and web conferencing, video calls, and calendars.
2. Is the Remote User Really YOUR Remote User? Detecting Compromised Accounts
Now that workers are scattered over hill and dale, IT needs to track to make sure all these remote logins are legit. The answer is to monitor suspicious O365 sign-in activities. Knowing how many suspicious sign-in attempts are happening, where they are coming from, and what they are targeting is a key security best practice – and especially critical during this crisis. Here are suspicious sign-ins you should track:
- Sign-Ins from Infected Devices
- Sign-Ins from IP Addresses with Suspicious Activity
- Sign-Ins from Multiple Geographies
- Impossible Travel Sign-Ins
Even better is to have reports to identify not only remote login attempts, but also to discover targeted accounts, MFA status, and the reasons the login failed.
3. Device Management
During this crisis, some are working from home, still just miles from the office. In other cases, workers are leaving the area, going to vacation homes, living with friends or relatives, fleeing the hardest hit zone. There is no telling what devices they use for work, and to connect to the corporate network. While a productivity boost, all these devices are a security nightmare.
IT should know exactly what these devices are for several reasons. Systems are only secure if they are patched and using up-to-date modern software, including operating systems. Windows XP does not rate as a high security platform! What is the OS, what is the patch status? Is the device safe?
Mobile devices have the same concerns. What kind of OS? What is the patch status? Is the device safe?
Keeping software patches and anti-virus tools up to date requires that IT knows, and can validate, the configuration of workstations, laptops and mobile devices, and what software is installed. More to the point, how do you know if the device is infected? And if it is, how do you know what that device did to potentially spread malware or other malicious software?
4. Moving to SaaS – Migration and Management Issues
If you move to a SaaS productivity solution such as G Suite or Office 365, there are migration issues in terms of onboarding users and helping them access data. While migration is a key undertaking, the actual operation of O365 is just as big a concern. Gartner, in its ‘Market Guide for Cloud Office Migration Tools’, put out in February 2019, pinpointed how Office 365 migration tools are limited to, well, just migration. “Migration of emails, files and application data is a common scenario for cloud office migration, but few vendors move all three workloads using a single tool and even fewer address post migration requirements of governance,” Gartner argued. “Include as part of your cloud office migration strategy the ability to address both short-range (on-premises to cloud office) and longer-range (ongoing platform governance, tenant splits, consolidation or cross platform shifts) migration demands.”
5. The Risks and Benefits of External Users
Keeping relationships going with partners means sometimes inviting them into your environment as guest users. In a pinch, you may even have to extend these invitations to employees now relegated to remote work.
External users are riskier than employees are since they are harder to secure, monitor, manage and control. Risks Include:
- Anonymous external users making changes that admins cannot track
- Employees inadvertently sharing sensitive data with external users who were not the intended recipients
- External users accidently or purposely sharing sensitive information
Your O365 admin staff should ensure the safety of external users by:
- Crafting a governance plan that determines what external users can do, data they can access, and what they can and cannot share
- Using Least Privilege Access to limit the rights of external users
- Disabling anonymous sharing
- Appling Data Loss Prevention (DLP) policies to automatically discover dangerous information sharing
- Disabling or limiting external sharing of sensitive data
6. Control, Manage and Secure Remote Workers
Key Office 365 security best practices include strong password policies, multi-factor authentication, tight mailbox security, and file storage security. Proactively establishing best practices in these areas dramatically reduces security risks. Basic layered and defense in-depth security tools simply do not dig into Office 365 specific vulnerabilities and security problem areas.
Locking down end-user accounts through secure passwords and rigorous authentication is also essential. Multi-factor authentication (MFA) requires at least two forms of personal user identification and is recognized by the National Institute of Standards and Technology (NIST) guidelines for password security. The United States Department of Homeland Security now recommends that all Office 365 users implement MFA. Making MFA adoption easy, Microsoft offers tools such as Microsoft Authenticator for users to install on their smartphones, as well as Smartcards, to work in combination with passworded logins. Multi-factor authentication is a surefire way to prevent unauthorized logins, and there is little excuse not to use it.
Meanwhile, monitoring employee activities such as their mailbox practices can identify risky behavior and proactively secure business-critical data. Preventing risky activities such as auto-forwarding to external email addresses and limiting access rights to other users’ mailboxes can prevent the spread of malware and the leakage of data through emails. In addition, being aware of unusual email activity prevents targeted spam or social engineering tactics common among today’s cybersecurity threats.
As Gartner argues, “Nearly all successful attacks on cloud services are the result of customer misconfiguration, mismanagement, and mistakes.” That means poorly configured or managed Office 365 users are an attack waiting to happen.
7. Driving Remote Productivity
For the last few years, Microsoft has WANTED enterprises to move from Skype to Teams. With the rise in remote work, enterprises NEED to make this move. How else can they keep the company going during trying times? Having a solution such as Teams available is not the same thing as putting it to work, and fully realizing its value.
Even shops that have moved from Skype to Teams often just scratch the surface of what the Microsoft collaboration and communication solution can do. For remote workers to match their in-office productivity, they need to really stretch Teams’ legs. IT and your company’s management should know how much of Teams function is really being exploited, then have a way of increasing the adoption of Teams services. Once the adoption needs are defined, targeted training can kick in.
Experts find that 70% of what an end user learns through conventional approaches is forgotten in 24 hours. A better approach is Just in Time Learning (JITL) that teaches end users while they work. The secret sauce with JITL is that these videos are context sensitive, and play as the user is walking through the application.
8. Teams Voice Configuration
When offices are abandoned, however temporary it may be, phone calls with customers and partners need to go on. That means changing the numbers from in-house to wherever the workers can actually be reached. For a global organization, this reconfiguring is a massive undertaking for an already stressed IT and communications staff.
The best way to handle this, Coronavirus or no, is to have the Teams voice and communications admins assigned locally. These admins will know the local language, and who everybody is. They can more easily and quickly change welcome messages, and set up the right call routing. On the surface, your now remote company will appear just like your physical headquarters.
9. Help and Support for Remote Workers
Your newly remote workers have enough to worry about; software problems should be the least of their concerns. Alleviating these frets requires a responsive and effective help desk, and here local is better. Like with Teams voice set up, there are no language barriers, and a local admin understands the group they are serving.
This is handled by admins with local rights over a select group of users, done through Role-Based Access Control (RBAC), and in the case of Office 365, enhanced through virtual tenants.
Learn More about Managing and Securing Remote Office 365 Users
Learn more about optimizing and securing Office 365 remote workers with a CoreView demo.
Get your O365 user workload usage and security profile FREE with our new CoreDiscovery solution. You can get your free software now at the CoreDiscovery sign up page: https://www.coreview.com/core-discovery-sign-up/