The mindset of allowing your organization to embrace a modern way of working, for some sounds irresponsible and reckless – ‘let users do whatever they want, whenever they want’ – it sounds a bit like something taken from the hippie movement.
This is not the case.
A popular red and blue clad superhero once claimed ‘with great power comes great responsibility’, and this applies to the modern management world too. Except here the system admin wears the cape: empowering users to be as productive as possible, and at the same time keeping their environment secure.
We concluded in an earlier blog post that with cloud technology, device, time and place no longer put restrictions on the user. What then is left to think about?
The end user’s identity
The identity is and should be at the center of your environment. All modern management, and all decisions regarding the development of new features or onboarding functionality, should always be looked at through “identity googles”.
In a Microsoft world, we secure identity with a product called Enterprise Mobility + Security. This solution makes it possible to create a secure workspace for users, ‘a solution that is loved by end users, and trusted by IT’, as Brad Anderson, Corporate Vice President at Microsoft says.
There are many ways to secure your environment, but to mention them all in one blog post might be a bit too much. Therefore, here are three things we recommend as a starting point…
- One identity
Is there anything more annoying than having separate logins for every application you use during your workday? For the end user it’s a nightmare to keep track of different login credentials. For a system admin, it’s a hassle to administrate.
As mentioned above, identity should be central in your decision process. When reviewing your applications, consider having one identity as a source of authorization, rather than for each application separately.
For this, a cloud-based Software-as-a-Service could be your savior, as many are built for this type of security and readily integrated into Azure AD - Microsoft’s identity and access management service.
If your application doesn't fit or isn’t ready for the cloud, it’s perhaps time to consider how well equipped the application is for the future. Having a legacy application running in a legacy back-end environment will restrict both its functionality and your ability to embrace the future and boost productivity.
- Multi-factor authentication
Mentioning Multi-factor Authentication (MFA) to secure your identity might feel like old news – it’s been around for ages. However, the number of organizations that don't utilize MFA is still way too high. This exposes your business to risk: nowadays, social engineering is easier than ever and it doesn’t matter how complex your password is if you accidentally give it away. In a recent study, 56% of IT decision makers identified targeted phishing attacks as their biggest cybersecurity threat.
- Conditional Access
Conditional Access is one of the best new security features of Microsoft 365. It’s an intelligent security technology that lets you create policies and controls around many different contextual factors, such as user, location, device or app. You can allow or block access for specific users, or challenge them with Multi-Factor Authentication, device enrollment, or a password change. Or you might block access if access is suddenly requested by the same user in a faraway location. With these opportunities you can control and manage how and when users access corporate information.
Conditional Access is an underutilized feature, that would be beneficial for many organizations to start using. But it’s only possible with the power of cloud. By starting the transition over to a cloud-based solution, opening your business to new technology and features that support your modern digital way of working, you expose it to a whole new universe of possibilities.
Do you want to learn more? Download our guide "Securing a productive future for your business":