October 14, 2020 Cybersecurity Knowledge Center

Put your cybersecurity on Autopilot: Protecting your remote workforce with Microsoft 365

Reading Time: 3 minutes

Editor’s note: This article was published in 2020 and has been updated for accuracy and comprehensiveness as of February 2021.

Organizations have been struggling to apply the old-world productivity tools of then to the problems of now for some time, with increasingly ineffective results.

The cybersecurity mechanisms that enabled the secure tech environments of the past were already eroding under the weight of this past decade, and then COVID came along and further complicated things. The pandemic brought a mass exodus from primarily on-premises infrastructure to a dispersed and remote workforce, and with that change came a dilemma:

How can you reduce a massive attack area and eliminate the enormous risks that businesses (often unknowingly) opened themselves up to as they flipped the switch on going 100% remote?

An unprecedented number of employees are now working from home, using a mix of business and personal devices, which spreads resources between personal, work, and school demands. At the same time, SUCCESS has witnessed the rapid adoption of many new cloud-native applications. Microsoft Teams, Zoom, Salesforce, and many other popular cloud software providers have seen a significant uptick in users since the beginning of the year.

All of this rapid change means that businesses have introduced some major cybersecurity problems into the mix. Organizations now lack visibility and control over both devices and applications, making corporate identities and data much more difficult to protect. Unfortunately, most organizations, especially small- to medium-sized businesses, are blind to this fact—many do not suspect that anything is the matter.

Something is the matter, though: the security industry has seen a rise in phishing and ransomware attacks. Many bad actors are now taking advantage of election season and COVID to put forth more fake emails, websites, and social media links designed to get users to click on something.

These increased attacks are also coupled with increased vulnerability. After all, how many people are sitting behind a company firewall every day? How many users are not working from a company-managed (and protected) device? This is a big problem.

Microsoft 365 Business Premium offers a solution—but it does take some work to implement the various software and settings. For example, using the tools in Microsoft 365, you can require that all devices are enrolled and managed by your organization before they are allowed to gain access to company resources such as email and documents in the cloud. This would prevent unmanaged devices from storing or processing corporate data, and that is a huge step towards better security.

Second, with device enrollment required you can do two very important things:

  1. Automatically push all approved apps and software packages to the endpoints
  2. Control security policies and other settings on the device

In fact, with these controls in place, it’s possible to achieve a “zero-touch” deployment of new devices, which is not just good for security, but makes end users happy, too: it means less time from first boot to full productivity. This unique capability within Microsoft 365 is known as Autopilot. For example, a new employee could unbox their own new laptop (which can be shipped directly to them); they would simply identify it as a work device during the first-time setup wizard (signing in with their Microsoft 365 credentials), the machine will automatically be enrolled, and the user’s apps and data will come straight to their new computer. What a great service to be able to provide to your staff, especially during the pandemic!

Since security policies and settings are controlled in the same way, you can ensure that machines will have all the right dials turned to reduce attack surface, encrypt data, and protect the end user from potential malware and malicious web links. For example, by using a combination of Microsoft Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection), and a feature called Network Protection on the endpoint, you can prevent users from navigating to malicious websites. Even better, this protection is delivered from the cloud, so it operates independently of any particular web browser, email client, or traditional corporate firewall.

These are just a couple of examples to illustrate the point, but as a matter of fact, Microsoft 365 Business Premium contains many critical cybersecurity features to help small and mid-sized organizations meet several of the requisite Basic and Foundational Critical Security Controls from the Center for Internet Security (CIS). It can do all of this 100% from the cloud without any reliance on old-world legacy infrastructure.

The future of endpoint management and security is already here. Are you ready to begin leveraging modern-day tools to protect your staff and boost productivity? If so, be sure to reach out to your SUCCESS representative about moving toward a cloud-first, mobile-first platform with Microsoft 365 Business Premium.