The past year and a half plus has been highly disrupted, to say the least. The rapid shift to remote work has changed the way businesses and agencies operate forever. As enterprises accelerate digital transformation and cloud migration initiatives, they need to make remote work and working from home as secure and seamless as possible.
Flexibility has become even more critical. Today we are going to look at how government agencies and the private sector are achieving milestones for effective collaboration from anywhere while remaining protected.
In this MFA program specifically, there was a lot of discussion at various state agencies about not everyone having a state-issued cell phone.
And they're not gonna want to give us their cell phone so they can get an MFA code.
So we deployed this, multifactor authentication program to up to 55,000 state employees. With a one-time voice passcode and an email one-time passcode.
We ended up with 60% of the people getting that passcode to their cell phones. This shows you that the users will go down the path, with the least resistance.
Would you say you set up 60% of users on VPNs? Yeah, I do. And when I say 60%, not 60% MFA, just 60% of users because they get to select the cell phone path for MFA because it's instantaneous.
I think the biggest change for me personally is this thing where we're all talking to each other on the internet all the time. I'm grateful that we're not on video at the moment, I'm used to being a little box on a screen, set up on our homes, mostly on personal devices, and in many cases, my day and most of our customers' days are spent all day on teams.
And while that can be frustrating at times, you know, we're glad that we have platforms like this that make it possible to work for the last 20 months, with all of the challenges we've faced. We could talk about, you know, device management. We could talk about collaboration, software, and security platforms and all that.
One thing that was a problem before the pandemic and continues to be a problem during the pandemic are the challenges from Teams sprawl. So we work with 25 large state and county governments that are deeply, committed to using Microsoft 365 and Teams to respond.
And those Microsoft admin tools are great at accomplishing what we need sometimes, but oftentimes they can be confusing. They can be clunky or they're just not fast enough to deal with any sort of emergency.
You're either in an emergency where you're rolling out Teams as quickly as possible to get everybody back to work in a pandemic, or you're in this ongoing new, normal, next normal, where we have to figure out ways to deal with this because it's not going away.
We're working with a government with over a hundred thousand employees that had a rude awakening. Recently, they had just finished implementing CoreView to do license management when they discovered that they had (for 100,000 employees) about 50,000 Teams channels and groups across the organization.
And most of them were marked public, with almost none of them having followed any sensible naming conventions. And they figured this out when they realized that a team group marked public would sometimes allow folks outside of the administration to access sensitive materials or folks inside the administration that shouldn't be seeing those to access the materials.
Now they figured this out, so they raised their hand and said, "Hey, you know, we, we brought in for this one thing, but can you help over here?" With CoreView we were able to quickly help them run some bulk actions to set every team's channel to private and enforce those naming conventions so that they first stopped the bleeding and made sure that there was no additional data to prevent data loss from happening.
Then we were able to delegate the ability to those Teams owners. All the way down so that it was not central IT.
So they were quickly able to go from 10,000 public teams to the appropriate handful. And then in parallel, it's the flexibility. The department CISOs were able to get in and inspect the sensitive files that had been made public inadvertently and audit them to see if they had been viewed or downloaded by whom, so they could assess the impact and take the appropriate action. You can read the whole story here.
It's great to be able to collaborate with tools like these, but we have to look for solutions that allow IT teams to be able to get past that overload and react quickly. The flexibility and reaction speed that you're able to provide in a case like that is critical.
There are lots of things to do with Microsoft 365.
The best practice that we've seen around this is to maintain harmony. We try to encourage our customers to delegate as much authority and autonomy as possible. And then here's the fine line between delegating too much and opening yourself up to risk, et cetera.
We have a technology that lets our customers use what we call Virtual Tenants to carve up their Microsoft 365 tenants. So that each agency and department has the autonomy to manage IT as they see fit. And they can even delegate tasks outside of it. So that end users can self-serve.
We had a large state agency that was threatening to break off from their global tenant. To regain that autonomy, they were tired of having central IT dictate policies.
We were able to help them carve up those Virtual Tenants, and delegate a lot more authority down to the agency level. And that was able to satisfy that big agency so that they happily came back into the fold, saving a lot of money, time, and heartbreak.
I think we saved some friendships along the way too. It had gotten heated there before we found a solution.
There are a lot of different ways when you talk about information sharing. If we go down a level and say security incidents or attacks, there are a lot of, public-private partnerships where we share threat intelligence.
There's a cybersecurity council where there's a monthly security meeting with information security officers.
We are in a new era of collaboration right now. Collaboration is all about information sharing, and security is stepping up to ensure that we're able to do that in a protected environment.
I'm sure a lot of stuff got copied on the thumb drives. And all of a sudden, you've got copies on people's workstations that may need to be in a different location. And your data becomes messy quickly. So it's really important that we, as organizations, come up with ways to both allow people to collaborate easily as well as to try to figure out methods to ensure that our authoritative source of the data remains the most active source for us.
There's a little bit of cleanup that will continually have to be done as we get people into either the permanent remote or hybrid structure or back in the office. But the key part for us is a combination of data loss prevention tools and making sure that we have provided an easy solution.
For the data loss prevention piece, you need to be as restrictive as necessary, right? Where it's preventing people from copying data or moving data around, it is a great tool to understand what data is in place in the environment.
But as an organization, our biggest concern, at the moment with everything being spread everywhere is that the data is going to end up in places we don't want it.
Taking that and understanding where the data sits in the environment is a large part of our response to the pandemic. We're not maintaining copies of it on thumb drives or systems.
We probably use 15 different products to collaborate across, mediums whether or not we're in the office. And, and this is kind of to the discussion of. It's only gonna keep changing from here. Right? I use email, video, Teams, voice phone, iMessage, SMS, LinkedIn comments on SharePoint documents, zoom, slack, you name it.
But of course, we have to keep our eyes on cost. We have to keep our eyes on security and compliance. What it often boils down to is a ton of reporting. And that can be a real project. You know, we hear about projects that take weeks of an analyst's time to write a PowerShell script, to export data from one system to another.
And they hack that together and power BI or Excel with data that was extracted from other systems.
And if you need to take some action on it, you've got to write a new PowerShell script to upload that. And the whole process can take weeks, and it can be fragile and finicky, hard to share, and hard to do version control with it to even understand what's happening.
Let alone take action on it. And nobody's got extra hours in the day to make that happen, which is why we work with our customers to make those reports that span the data silos across your entire Microsoft environment. They are really easy to automate, customize, and delegate to the people who need to be looking at that data.
You would be amazed at some of the stuff we help customers find like secret slack groups. Their employees are not supposed to be using Slack, but you can tell that they never send Teams messages to each other. They only send Teams messages outside of the organization.
Or people who've been logging in to Bermuda when they were supposed to be in the states working.
But what it comes down to is Microsoft in particular. With about two dozen different SaaS apps that have been smashed together. A lot of times, there's still a hybrid component. So you add in all of these other data systems, and those data systems all live in one global tenant, but they don't talk to each other.
Multifactor Authentication intersects with identity and access management concepts.
It's all about getting past the whole username and password phase of it. You're making the user provide something they have and something they know to validate who they say they are before they access systems.
We were taking a risk-based approach. I did not have any challenge, convincing security people of the need to adopt MFA, but when you're having those conversations with maybe someone more in the CIO or an IT director or an IT manager or an application person, that isn't always the thing that's front of mind, they have things working.
And they want to know why will I go through all this effort to adopt this new program. You have to show them the way and the value. And know a path to implementing that kind of strategy.
Typically, that is the easiest way to get into a compromised user account. And that's a lot harder to do if you have MFA fully deployed across all your user base and applications.
The usage has certainly exploded. Microsoft says that there are more than 115 million people using Teams every day, and we see Microsoft investing in this too.
As an IT team, we have to surf that wave and make sure we meet all your security requirements. Therefore, tools exist that can help you track your MFA and password policy compliance.
The best way to do this is to have visibility across your whole tenant. This is where CoreView comes in because it lets you see everything, and that's where security and management start.
That's how you save money on things you're not using. It's the best strategy for that is once you have that visibility, you need to use it to apply the right privileges, but not too much.
The easiest way has to be the most secure way or else people will start building workarounds and that leads to all kinds of problems.
That's how we help people with our Virtual Tenants and our Role-Based Access Control and the visibility that we can provide.
It's forced us to think about how we do things with more documentation, more asynchronously, so that we can embrace some of the power that working from home provides to give everybody on our team the ability to deal with their kids playing trombone and deal with their dogs running through the frame.
There are some real advantages to working from home, and it has provided folks with the ability to embrace those. It makes us think about all of our meetings and collaboration and processes differently, but we're so small compared to the organizations that we serve that it's humbling to see some of the innovations that others are going through.
