20 April 2020
Cloud Backup, Office 365, ESET

-by Mark Lawton, Business Development Director

Apologies for the blatant use of Conwy Castle as the backdrop - any excuse to showcase North Wales! Although I was looking for something eye catching that (a) represented a secure environment and (b) represented our locality. So I think it is justified.....

After 4 weeks of lock-down, with the majority of our customers being forced to work from home/remotely, I thought it was a good time to reflect back on how we have been helping them to keep their users safe and productive. Clearly Teams has played a big part in helping employees stay connected - with their colleagues, customers, partners and the rest of the organisation. As a company that already has remote working built into our Disaster Recovery plan, moving people from the office to home was not a massive upheaval as things like phone numbers were already part of Skype/Teams.

So other than the obvious human interaction and banter that we all miss, it has been business as usual for Risc. That said our call volumes have been higher than normal with a massively increased demand for help with setting up/configuring end user devices and Teams. Since March 16th we have trained over 350 end users in Teams helping them to better use the tools they have available. The majority of these session were delivered over Teams in conjunction with our friends at Boardroom Briefings.

Like every other business, Microsoft themselves have publicised a lot of information intended to help organisations embrace remote working and to adapt their workforce, and this is as good as anything I have seen and well worth a look if you have employees working remotely, especially using Office 365. In addition, we have been working on a number of "FastTrack" roll-outs for our customers where we are helping them to get Teams up and running across the business in 2 days.

The increased move to remote working also brings with it the increased risk of exposure to Phishing and Malware attacks - with people outside of the office and potentially using non-business devices to access email and documents. With that in mind we asked our Head of Operations and Technical Services, Bruce Laing, to lay out some of the things you should be thinking about now your users are working remotely. There are some short-term fixes – the good old quick wins that you can do right now – and some longer-term projects that might take a bit more time and consultation.

Quick Wins

These will have minimal impact on your end users and likewise your IT support team

  • Ensure your users’ PCs are backed up regularly. Make sure all the devices your staff use are backed up, so if they usually operate from a desktop in the office, but are using a laptop at home, you need to ensure you’re backing up their laptop as well
  • Backup Office 365 data regularly. For some organisations, this might be the first time you’ve used Office 365 fully. Now that you’re storing a lot more data in the Cloud, you need to look to back up your Cloud services as well as your machines
  • Rollout antivirus. Ensure that an Antivirus solution is deployed onto every device in use, including any personal devices. This is especially important if users are now operating from their home PC rather than a company owned device for example.
  • Use DNS level security and web filtering. Protects you from unauthorised websites, and prevents users from accessing websites they shouldn’t be, allowing you to uphold your internet browsing policy using software.
  • Keep on top of your Office 365 Admin alerts. Checking these regularly will allow you to respond quickly if an account has been breached.
  • Use Office Message Encryption (OME) for security. This encrypts your email so that your business data stays confidential.
  • Use Azure AD P1. This provides additional logging capabilities if you experience a breach - and is needed for Conditional Access (see below).
  • Enable Advanced Threat Protection (ATP). This scans all your emails attachments and web links to detect malware. This will allow users to check whether they have received or have accidentally sent malware.
  • Educate Staff. We’d recommend the following:
      • Setup a central point for announcements about working from home and Covid-19 so staff are always up to date and know where to go to find information.
      • If there are changes in policies or working practices, document these and add them to your centralised space. Again, this makes it easier for staff to stay up to date, and is particularly important for users that have been furloughed – they’ll have easy access to everything they need to know both during and after furlough, and is much easier to manage than scrolling through troves of emails.
      • Ensure your staff have security training, know how to access systems, and what to do and who to contact is they have any issues.

Longer Term Projects

These will have some impact on end-users, as additional steps or training may be required, but we would still recommend deploying these as soon as is practical.

  • Use a Remote Monitoring and Management (RMM) tool. This will help you ensure your users PCs are running all the latest patches, Operating Systems, and 3rd party apps.
  • Rollout Microsoft 365 ideally, or at least Intune (Mobile Device Management - MDM). This will allow you to control work-based apps and data on mobile devices and should be rolled out across all the devices your staff use.
  • Consider switching on Security Defaults. Security defaults in Azure Active Directory make it easier to be secure and help protect your organisation. Security defaults contain preconfigured security settings for common attacks.
  • Switch on Multi-Factor Authentication (MFA). Included in Security Defaults, MFA immediately increases your account security by requiring multiple forms of verification to prove your identity when signing into an application. MFA prevents >99.9% of all account compromise.
  • Use Conditional Access. This allows you to block access attempts that don’t meet certain conditions. For example, you could require a secondary authentication method for sign in attempts from outside the UK as your passwords can be easily compromised.
  • Disable legacy authentication. Prevent users from accessing company information from unauthorised devices and applications.
  • Rollout Cloud App Security. This will provide more visibility into what’s happening with your data, where it’s being accessed from and by whom.
  • Configure and deploy Data Loss Prevention (DLP) and Azure Information Protection (AIP). This will ensure that your data is always kept safe and will allow you to keep on top of who has access to your data.
  • Set up customer / supplier Teams. This allows you to share data securely and confidently with your customers and suppliers.

Hope some of that helps. If you need any more information please do not hesitate to get in touch with us at Risc. More information is available here or email