Many business leaders are recognizing that how their employees work and where they are working from is beginning to shift. Business is migrating more and more to the cloud all the time. The days of when all data was stored on a server in the back room is quickly fading away.
But because data is becoming more accessible, it also means that it is likely available from devices outside of your company’s control.
The initials, “BYOD” (Bring Your Own Device) typically means that employees are using personal cell phones for email. There is now a shift, here too. Employees are gaining access to larger amounts of company data through Microsoft Teams, OneDrive, or similar collaboration tools. Do you have controls in place to keep that data secure or will that data be beyond your control if for example, an employee leaves with it synced to their device?
Set important ground rules
Ask yourself, what company data can be accessed from a personal computer? An employee being able to remote-in to their work computer from their home computer might mean saving you the expense of buying them a laptop, which is great. But have you set expectations and put policies in place to give employees clear distinctions on how to keep company data and remote access secure?
Do they know how to contain sensitive data to their company computer, so it doesn’t end up on their personal computer?
Convenience versus security
Try to visualize a spectrum. At one end of that theoretical spectrum is the luxury of convenience and at the other end is the importance of security. Microsoft cloud solutions, like OneDrive and Teams provide a great deal of convenience. On the other hand, they can provide too much of a good thing, which invites potential risk when we don’t find a balance on that theoretical spectrum.
Let’s image you put everything into OneDrive using simple passwords and without enabling multi-factor authentication (MFA). You will find, for example, that being able to sync to any device is highly convenient but it is not very secure. So, if we shift a little to the other end of the security versus convenience spectrum and put proper controls in place, we can then ensure your team stays efficient but also very well protected. Achieving that balance may mean a better password policy is required. You may have to help users understand MFA, and not allow them to sync your entire company’s OneDrive to their shared family computer. It will be worth it as you will be better off for taking the time to set these important ground rules.
Every business is going to need to find the right place on the convenience — security spectrum. We can help you find that balance and identify when you may be leaning a little too far in one direction or the other.