Top Tips for Secure Remote Working with Office 365
The recent health scare around coronavirus (COVID-19) has got everyone, quite rightly, working from home or remotely.
11 Mar 2020
6 min
Rakesh Chenchery
Chief Technology Officer
There are even discussions about making remote working or working from the home the norm and with more and more businesses adopting cloud-based platforms, such as Microsoft 365, this could well be the reality for us sooner than we might think.
However, a question arises when it comes to security: are users really geared up to work from home without compromising the security of the corporate data that they are working with?
Proventeq CTO, Rakesh Chenchery, has put together these tips to help you securely work from home and remotely.
Staying secure wherever you are
Let’s start with the obvious one: computers and phones. Whether you are using a company device or your own to work with, you need to keep it physically safe from third parties and crooks. Be sure not to leave your devices in the car and do not lose sight of them when working outdoors, such as cafes and other public spaces. Lock your devices before stepping away from them too.
Make sure your drives are encrypted. If you are using a Windows 10 laptop, turn on BitLocker device protection, as it provides full disk encryption on Windows 10 PCs. If you are using Office 365, the recovery key can be stored in your O365 account in Azure AD.
If you use a Mac device, turn on FileVault and when using your personal devices for working, be sure to only install apps from legitimate sources.
To protect your devices from viruses and hacking, enable Endpoint protection. Ensure Antivirus and anti-malware are enabled too. Turn on Windows Defender Firewall as it offers real-time protection.
Protecting your identity
When it comes to protecting your online data, use Multi Factor Authentication (MFA) to avoid falling victim to stolen passwords
Protect your passwords by making these stronger and hard to guess (i.e. ensure it contains a mix of upper and lower-case letters as well as numbers and special characters). Do not use the same password! With Office 365, Azure Active Directory will enforce secure passwords to bolster data security. Use password managers to store your passwords. For obvious reasons, do not store passwords as plain text in your sticky notes – virtual or physical.
Preventing data loss
With Office 365, use OneDrive to store your documents. You can easily switch between devices and work seamlessly. In the event of any data loss, your company can wipe the data. To ensure your data is synced, make sure the OneDrive sync client is running (you can see this in the bottom-right corner of your computer screen in the Taskbar), you are signed in and that the data is syncing.
Protect sensitive information using message encryption. Do not email sensitive information like passwords, credit card numbers etc. Office 365 compliance and information protection can automatically identify and secure such content. Use encrypted messages for sending sensitive information, which is available as part of Office 365 message encryption.
Watch out for scams. Be aware of phishing attacks which can trick you into handing sensitive information by making you click on malicious links. Always check the request is from a legitimate source by checking the domain of the email sender and hovering your cursor over the linked text to inspect the URL of the actual link. Do not open attachments from unknown sources. Exchange online protection and Advanced Threat Protection in Office 365 can help identify malicious emails and links.
Encrypt your Wi-Fi connection using the WPA2 or 802.1x security protocols and do not use the insecure WEP. If in doubt, consult your IT support team or your Wi-Fi provider for help with this.
Conferring with colleagues and customers
With Office 365, communicating with your colleagues and customers has never been easier thanks to Microsoft Teams. You can also use Teams to work on your files in OneDrive and SharePoint. Teams enforces team-wide and organization-wide two-factor authentication, single sign-on through Active Directory, and encryption of data in transit and at rest. It also supports Advanced Threat Protection, Conditional access, Retention Policies and Data Loss Prevention policies.
Use this handy infographic to help you with secure remote working