The past year has been an adjustment for us across many aspects of our lives, it’s been an upheaval no one could have predicted. These changes meant companies had to adapt very quickly to enable their employees to work from home. They have also generated new challenges for companies to overcome. From providing staff with the equipment they needed to be effective to formulating new ways of working to support them.
One of the biggest challenges? Keeping data secure when teams are working remotely.
In this blog, we’ll be looking at how companies can ensure their sensitive data stays safe, while workers are remote with Microsoft Endpoint Manager.
Staying secure remotely
The biggest issue with remote work comes when employees use their own personal laptops, mobiles, tablets, and other devices. In most cases companies may have less control and are more vulnerable to attacks. Using a cloud-based secure service is therefore crucial for companies keeping data safe and protected. This is especially important with remote working and hybrid roles looking like they’re here to stay.
Microsoft 365, a move away from the office server.
In a traditional situation, a central server located in the office controls devices and locks them down securely. The main downfall occurs when the device leaves the office. The server then requires a constant VPN connection to securely connect to it, validate the user or share company information. This is where the recently renamed ‘Microsoft 365’ suite comes in. MS365 enables ‘cloud networking’ to provide a truly secure network, regardless of the location of the device.
What is Microsoft Intune?
Microsoft Intune, a service of Microsoft Endpoint Manager, is a cloud-based device management tool. Essentially it allows you to manage any devices that access company data and mobile applications, and control how they are used. Intune has high levels of customisation, allowing you to create specific policies tailored to your needs.
All-in-all, Intune keeps employees productive from anywhere, while keeping company data secure and protected.
What is Microsoft Azure?
The Azure cloud platform, a service of Microsoft Endpoint Manager, is an active directory that provides a policy of what access levels users should have. It also specifies the user’s access level across devices and applications.
Together with Microsoft Intune, this integration gives total control over who has access, and what they have access to.
By centralising these in one platform, companies can easily:
- Change passwords as and when needed
- Decide who has access to what
The benefits of Intune include:
Security and Control
Intune makes company data accessible for employees wherever they are, while maintaining full control and security.
You are in charge of every element, meaning you can perfectly tailor the platform to your personal specifications. This includes who can see what, where, and the individual policies for your needs.
For example, with just one click you can disable a user from logging in, accessing company folders, email and data, and accessing email or Teams on their phone.
Other security features include:
- “Bring Your Own Device” status. This allows you to deploy Intune on personal devices, while still enabling your teams to work securely.
- Personalisation that enables you to enhance your cybersecurity e.g. additional password requirements.
- The ability to wipe data from lost and stolen devices, or in the event of a breach – with the click of a button.
- Restricted data access and permissions levels: these can be based on the level of employee access, compatibility of device, location, or risk level.
- Security with no additional anti-virus required.
MDM and MAM
MDM (Mobile Device Management) and MAM (Mobile Application Management) are easily installed apps for personal devices used to access company data online. These are especially helpful when devices are not connected to a local office network.
Some examples of data protection:
- A user can’t take a picture or screenshot of company data using their Android phone
- Set new levels of authentication for data access from irregular locations (for example in a different country),
- Data can only be cut, copied, and pasted between management applications
- Users can only ‘save as’ documents to secure locations.
- Mobile device can be locked down when needed
At the same time personal data is still personal
Intune has pre-built policies that ensure that data cannot be shared between work and personal profiles. This means that the company cannot view personal data, additionally the device location cannot be tracked. As it is cloud based, there is also no need for extra storage on personal devices.
Versatile and Scalable
Microsoft Intune is 100% cloud making it quick, scalable, and affordable.
You won’t need to change your operating systems. Intune is compatible with all devices and software, including Android, iOS and Windows. Find out if your operating system is supported by Microsoft Intune here.
All User information can also be changed in one place, this would affect every device that each user is registered on.
Jamf Pro – for Mac Devices
Those individuals using Macs can utilise an add-on called Jamf Pro. This provides the same level of granular control with the Macs as they would have with PC’s.
Enhanced productivity
All your team will need is a secure Wi-Fi connection to access applications, regardless of device. Documents can be worked on collaboratively, and video meetings can be easily organised.
Additionally, any issues that arise are also easier to fix remotely, saving on time and admin costs.
Intune is an excellent tool for collaboration, both with colleagues and third parties. Alongside VPN, Intune provides the complete remote working experience.
A Blueprint for Security for Cyber Essentials and ISO27001
This is the way forward for obtaining the government Cyber Essentials Certification or even ISO27001. It is easier to obtain when you already use a highly secure infrastructure, with restricted access to certain devices or applications per user. It also helps you prove that you always know where your data is being held.
Ready for Remote Working peace of mind? We can help!
Contact No Problem IT today to find out more about migrating to Microsoft Endpoint Manager.
We will support your efforts to protect your data, and enable a more productive and effective remote team.
