According to the Association of Corporate Counsel, unintentional employee error is the top cause of data breaches. And with 87 percent of IT professionals concerned about the security of cloud data, according to a Dimensional Research survey conducted for Druva, it’s easy to feel vulnerable. Preventing these unintentional errors can help keep your data protected.
The problem—simple passwords
Simple or reused passwords open the door to hackers. According to SplashData, the top five worst passwords of 2015 were:
123456
password
12345678
qwerty
12345
But even a great password can pose problems when used on multiple sites. Hackers know that people like to reuse passwords, so when they crack one, they test it on multiple sites, especially those that may contain higher value information.
Your solution—Educate employees on how to create a strong password. Then put a policy in place to ensure passwords meet minimum complexity requirements and require that users change them often. Also, encourage secure password-keeping practices such as using third-party services that store passwords in the cloud and secure them all with a master password.
The problem—falling for phishing
According to a Verizon Data Breach report, phishing is the second most common threat and is implicated in around a quarter of all data breaches. If a phishing message ends up in an employee’s inbox, there’s a good chance they will click the link.
Your solution—In addition to top-notch security and secure email filters, encourage users to report suspicious-looking messages—similar to reporting junk mail. Once reviewed and identified as a threat, add these messages to service-wide filters.
In Exchange Online, Email Safety Tips provide an additional layer of protection with a warning to the user in messages that are marked suspicious.
The problem—BYOD practices
Bring-your-own-device (BYOD) policies are widely used in today’s business landscape, but employees accessing sensitive information from personal devices can open the door to security threats. According to research from the Ponemon Institute, a total of 67 percent of respondents cited employees using their devices to access company data as likely or certainly the cause of data breaches.
Your solution—Create clear BYOD policies and educate employees on how to follow these guidelines—including what’s at risk if they’re ignored. For additional layers of security, require the use of approved secure mobile apps and multi-factor authentication when accessing company information.
The problem—lost or stolen devices
Lost devices are another leading cause of data breaches. And not just employee-owned devices—even your company’s devices are at risk, leaving your organization exposed to threats if they are lost or stolen.
Your solution—Educate employees on proper device security on- and off-premises, and instruct them to report lost devices as soon as possible. Enable security policies to ensure you can remotely access, locate and wipe a device if necessary.
Continually educate employees to minimize risk of common user-error breaches. Security features available with Office 365 help mitigate the risks introduced by employees. Data Loss Prevention (DLP) proactively scans emails and notifies users before they send sensitive information. Information Rights Management (IRM) allows you to control email access permissions to keep unauthorized people from printing, forwarding or copying sensitive information. Additionally, Office 365 gives you the option to use Microsoft Defender to safeguard mailboxes against sophisticated attacks in real time.
[/vc_column_text][/vc_column][/vc_row]
5 keys to simplified mobile protection
Businesses today are reaping the benefits of mobile, like increased productivity, lower overhead, and happier employees. However, mobility can bring added risk, requiring greater focus on protecting data, enabling secure employee access, and managing Bring Your Own Device (BYOD) as personal devices are used for work. With the right tools, managing this risk doesn’t have to be complicated.
Here are five components of your business that Enterprise Mobility + Security (EMS), in conjunction with Office 365 addresses.
People - Give employees the access they need, when and where they need it
Mobile devices - Manage your company resources, regardless of device
Apps - A single platform to manage every app
Data - Protect data wherever it goes
Infrastructure - The foundation that enables mobility
Productivity is the goal of mobility. Security is the requirement. Enabling secure mobile productivity doesn’t need to be overly complicated or expensive. With Enterprise Mobility + Security (EMS) and Office 365 working together, you ensure employee productivity while keeping your company protected in a mobile world.
[vc_row][vc_column][vc_cta_button2 h2="Find Your Best Path To A Truly Consistent Hybrid Cloud" title="COST BENEFIT ANALYSIS" size="lg" position="bottom" link="url:https%3A%2F%2Fwww.managedsolution.com%2Faws-azure-compare%2F||" accent_color="#f4c61f"]
Achieve IT infrastructure cost savings of at least 50%
Call Southern California’s most trusted name in cloud at 800-208-3617 for real time pricing and a cost benefit analysis for Microsoft’s Azure and Amazon’s AWS.
[/vc_cta_button2][/vc_column][/vc_row]
Manage BYOD and corporate-owned devices with MDM solutions
With the increasing volume and diversity of both ‘bring your own device’ (BYOD) and corporate-owned devices being used in organizations today, a growing challenge for IT departments is keeping corporate information secure. Microsoft mobile application management (MAM) and mobile device management (MDM) solutions help minimize this complexity by offering management capabilities both on-premises and in the cloud, all from a single console.
For more information, watch Enterprise Mobility: Mitchells & Butlers boosts service with managed mobile platform:
MANAGE DEVICES AND APPS FROM THE CLOUD
With the proliferation of mobile devices in the workplace, employees can, and do, work from just about anywhere. To stay productive, this mobile workforce demands consistent access to corporate resources and data from any location on any device. This BYOD trend has introduced significant challenges for IT administrators who want to enable enterprise mobility while ensuring that corporate resources are protected from unauthorized access.
Leveraging Microsoft Intune, you can deliver application and device management completely from the cloud, or on-premises through integration with System Center Configuration Manager, all via a single management console.
Microsoft has also incorporated manageability and data protection directly into the Intune-managed Office mobile apps to help maximize productivity while providing the flexibility to extend these same management capabilities to your existing line-of-business apps through the Intune App Wrapping Tool. You can choose to manage the Office mobile apps with or without enrolling the device for management to protect corporate information without the risk of intruding on a user’s personal life.
Intune is included in Microsoft Enterprise Mobility + Security—a cost-effective way to use enterprise mobility cloud services for all of your employees.
BENEFITS
Deliver and manage apps across a broad range of devices, including iOS, Android, Windows and Windows Phone all from a single management console
Simplify administration by deploying required apps automatically during enrollment and allowing users to easily install corporate apps from the self-service Company Portal
Help maximize productivity with the Office mobile apps your employees know and love while preventing the leakage of company data by restricting actions such as copy/cut/paste/save in your managed app ecosystem, and extend these capabilities to existing line-of-business apps
Deploy certificates, WiFi, VPN, and email profiles automatically once a device is enrolled, enabling users to seamlessly access corporate resources with the appropriate security configurations
Provide comprehensive settings management for mobile devices, including remote actions such as passcode reset, device lock, and data encryption
Remove corporate data and applications when a device is unenrolled, noncompliant, lost, stolen, or retired from use
Extend your System Center Configuration Manager infrastructure through integration with Microsoft Intune to provide a consistent management experience across devices located on-premises and in the cloud
For more information, watch the mobile device and application management overview video below:
Microsoft Intune: Mobile Device and Application Management Overview
[vc_row][vc_column][vc_column_text]
State of BYOD and Mobile Security Report: Latest Insights, Trends and Stats
The Information Security LinkedIn group released a new survey from its 200,000-member community on the state of bring-your-own-device (BYOD) and mobile security initiatives in their enterprises. We provide our take on some of the findings from this comprehensive survey‘s 1,100 responses.
To BYOD or Not?
According to the survey, over 60 percent of enterprises allow or tolerate employee use of personal devices to access enterprise data. Only a small minority of enterprises, 11 percent, have no plans to allow such usage. Enterprises that allow BYOD expect the primary benefits to be improved employee productivity and satisfaction and better overall security, and 58 percent expect related budgets to increase or stay flat.
Our Take: Device ownership is destined to become a nonissue, and IT organizations must adopt new capabilities to secure enterprise applications and data on a shared personal or corporate data device. Enterprises are embracing BYOD programs as an opportunity to invest in the secure productivity of their employees as opposed to a “cost of doing business.” Securing corporate data without making assumptions on device security makes enterprises less complacent and more rigorous in assessing and addressing security risks.
Enable Flexible Data Access
According to the survey, email access allowance is still king at 86 percent of responses, followed by access to documents, custom mobile applications and cloud services. Overall, structured data in enterprise databases is still deemed most valuable, with unstructured data a close second.
Our Take: Our devices enable access to critical enterprise resources. Sensitive data and transactions are accessed, stored locally and exchanged not only with data center apps, but also third-party services. BYOD enables a “personal” device image, but enterprises must take steps to secure local app execution, encrypt enterprise data where applicable and detect access and transactional risk.
Data Loss Doesn’t Equal Device Loss
The biggest mobile security risk, according to the survey, is losing enterprise data. In essence, the risk categories can be divided into three main areas: data (stolen, lost, unauthorized access), threat (fake apps, malware, exploits) and management (endpoint security, regulatory compliance).
Our Take: Enterprises must address each of these three dimensions through a holistic framework. Many enterprises have made progress on addressing the “lost device” scenario and data-loss risk with enterprise mobility management suites that enable a remote wipe of enterprise data from mobile devices. However, securing devices against compromise has a long way to go; this is partly due to the restrictions enforced by mobile OS vendors on the security community, which limits the ability to secure mobile platforms.
Mobility Impact: Tools and Resources
Enterprises are investing in resources (mostly security personnel) and tools (mobile device management and endpoint security solutions) to address the emerging mobile threats.
Our Take: Enterprises are taking steps to reduce mobile-related security risks. To minimize the burden, such resource allocation should occur in the context of a comprehensive plan that addresses enterprise-specific risk factors. For example, banks that provide online banking services to customers must address transactional risk from both laptops and mobile devices that they have absolutely no control over. Malware and phishing risks that are common to that environment should be assessed when new capabilities are rolled out (e.g., remote deposit capture).
Reducing Attack Surface: Beyond the Basics
Simple steps are the easiest to implement. Most enterprises require password protection to devices accessing enterprise data; this will deter the occasional thief but is probably no match for a focused adversary. Encryption and remote wipe provide additional layers of security.
Our Take: While these measures are a good start, security should be embedded in the enterprise mobility initiatives. For example, secure development practices and mobile penetration testing will reduce vulnerabilities that can be exploited by malware, thus reducing the attack surface. While the malware threat has quickly grown, its capabilities have slowly evolved on mobile devices. Recent developments should drive security teams to reassess the threat and the possible impact of credential loss on their enterprise security.
Summary
The survey shows enterprises’ increasing readiness to embrace BYOD programs. Enterprises are making investments in people and tools to manage the key risks to enterprise resources (applications and data), driven by mixing corporate and personal data and the evolving threat landscape. The business rationale for these investments is boosting employee productivity while improving security as a broader set of risks is taken into consideration; this is a no-brainer since we expect BYOD to become table stakes for virtually all enterprises in the next few years. Given the utility and importance of mobile devices to employees’ personal and work lives, this looks like a sound investment.
[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text][vc_cta_button2 h2="See how Managed Solution can improve your mobile security" txt_align="center" title="Here!" color="orange" size="lg" position="bottom" link="url:https%3A%2F%2Fwww.managedsolution.com%2Fems||"][/vc_cta_button2][/vc_column_text][/vc_column][/vc_row]
Enhancing Microsoft Office 365 with the Enterprise Mobility Suite (EMS)
By adding the Enterprise Mobility Suite to Office 365, your employees are enabled to access corporate data from any mobile device with a single sign-on, allowing your workforce to be productive from just about anywhere. This solution also provides IT with the high-level control that allows users to freely collaborate together, while protecting your company’s data.
The Enterprise Mobility Suite is a comprehensive cloud solution from Microsoft that enables our customers to meet their IT and Bring-Your-Own-Device (BYOD) challenges.
It addresses our customers’ need for an end-to-end secure and productive managed cloud environment for their mobile workforce that encompasses identity, Mobile Device Management, and Mobile Application Management.
Office 365 comes standard with the basic version of Azure AD, which includes MFA capabilities for Office 365 workloads only. To get the enterprise-grade services, you need EMS for its advanced identity management, security, and auditing capabilities, as well as Azure AD Premium’s enterprise-grade synchronization between on-premises AD and Azure AD.
Additionally, EMS includes Azure RMS to provide protection for non-Office file types, as well as access for developers to Azure RMS SDK for Rights Management in on-premises Windows Server file shares.
Today’s workforce is mobile, making the business extend beyond office and customary work hours. The Enterprise Mobility Suite helps businesses stay agile and competitive, while keeping their data, tools, and resources accessible, yet more secure, anywhere, anytime.
Who should be interested?
Small and mid-size businesses with 50-500 seats* *Note that Telcos may be ready for EMS once they add Intune for mobile device management to Office 365
Why is EMS important?
Ensures that IT will be able to manage user access to the information they need quickly, easily, and securely
Provides their users with consistent access to resources from a variety of mobile devices over diverse applications, thereby boosting collaboration and productivity
Enables secure mobile access to data
Overview of Enterprise Mobility Suite that support customer scenarios
The suite at-a-glance:
Microsoft Azure Active Directory Premium for hybrid identity management
Microsoft Intune for mobile device and application management
Microsoft Azure Rights Management for information protection
Hybrid Identity and Access Management: Azure AD Premium
Provides cloud-based, single sign-on password capabilities for more than 2,500 popular SaaS applications
Reduces costs through self-service portals for resetting passwords, or requesting application access, without the help of IT resources
Integrates with existing on-premises investments
Employs rich, robust synchronization of user identities from on-premises directories
Reduces risk and supports compliance requirements with comprehensive Multi-Factor Authentication (MFA) options
Hybrid Identity and Access Management: Azure AD Premium
Delivers mobile device and application management across popular platforms: Windows, iOS, and Android
Manages and protects corporate apps and data on almost any mobile device
Maximizes productivity with Intune-managed Office mobile apps
Simplifies administration with a single management console in the cloud with Intune or on-premises
Information Protection: Azure AD Premium and Azure Rights Management
Helps retain control of corporate data assets wherever its shared
Delivers information protection in the cloud or in a hybrid cloud with an existing on-premises infrastructure
Integrates information protection into your native applications with easy-to-use software development kit (SDK)
63% of workers believe that nine to five is an outdated concept.
The research from CVBuilder found that many employees are working outside of office hours. 50% will check or respond to work emails outside of work, and 24% check work emails when they are with family and friends.
38% said they continue to work outside of office, with 62% seeing this continued connectivity and checking as a choice instead of an obligation.
50% of those aged of those aged 45 to 54, compared to 31% of those aged 18 to 24, were willing to work outside of office hours.
Rosemary Haefner, Chief HR Officer at CareerBuilder, said: “Workers want more flexibility in their schedules, and with improvements in technology that enable employees to check in at any time, from anywhere, it makes sense to allow employees to work outside the traditional nine-to-five schedule.
“Moving away from a nine-to-five work week may not be possible for some companies [yet], but if done right, allowing employees more freedom and flexibility with their schedules can improve morale, boost productivity and increase retention rates.”
Male workers are more likely than female workers to work outside of office hours (44% compared to 32%); check or respond to work emails outside of work (59% compared to 42%); and check in on work while they are with friends and family (30% compared to 18%).
However, female workers are more likely to go to bed dreaming of work than their male counterparts (23% compared to 16%).
This survey was conducted online within the US by Harris Poll, on behalf of CareerBuilder. 1,078 employees were asked.
Mobile Device Management can make life simpler not only for your IT department but also your employees. The solution enables the control of mobile devices entering an organization’s network, whether they are provided by the company or part of a Bring Your Own Device (BYOD) program. Learn more.
By Jeff Barr, Amazon WorkSpaces
AWS customers are deploying Amazon WorkSpaces at scale in medium and large organizations. For example, health care company Johnson & Johnson is using WorkSpaces to realize the long-promised security and efficacy benefits of virtual desktops, in a world populated by a diverse workforce that would like to use their own computing devices if possible (also known as BYOD – Bring Your Own Device). You can view their recent presentation, Deploying Amazon WorkSpaces at Scale, to learn more about what they did and how they now support BYOD for 16,000 contractors and employees, along with zero clients for another 8,000 users.
New Metrics
In order to help our customers to monitor their WorkSpaces deployments, we recently added additional Amazon CloudWatch metrics for WorkSpaces. These metrics are designed to provide administrators with additional insight in to the overall health and connection status of individual WorkSpaces and of all of the WorkSpaces that belong to a particular directory.
Like all CloudWatch metrics, these metrics can be viewed in the AWS Management Console, accessed via the CloudWatch APIs, and monitored by CloudWatch Alarms and third-party tools.
The new metrics are enabled by default and are available to you at no extra charge.
Here’s what you get:
Available – WorkSpaces that respond to a status check are counted in this metric.
Unhealthy – WorkSpaces that do not respond to the same status check are counted in this metric.
ConnectionAttempt – The number of connection attempts made to a WorkSpace.
ConnectionSuccess – The number of successful connection attempts.
ConnectionFailure – The number of unsuccessful connection attempts.
SessionLaunchTime – The amount of time taken to initiate a session, as measured by the WorkSpaces client.
InSessionLatency – The round trip time between the WorkSpaces client and WorkSpaces, as measured and reported by the client.
SessionDisconnect – The number of user initiated and automatically closed sessions.
Here’s how you create an alarm that will fire if a user cannot connect to their WorkSpace:
Available Now: The new metrics are available now and you can start monitoring them today!
The Cloud for Productivity and Mobility Ebook is a guide for small and midsize businesses. As mobile work becomes the norm, turn to cloud-based solutions to extend productivity, collaboration, and business management tools to employees on the go.
Mobile means business. During the past decade, mobile devices have become ubiquitous in our lives, performing a range of activities that were formerly limited to desktop and laptop computers. Now, mobility is an essential tool for startups and smaller businesses to empower workers and connect with customers.
Contact us Today!
Chat with an expert about your business’s technology needs.