Remote Work Cybersecurity: The Journey to Protecting Your Data, Assets, and Business
In their rush to enable employees to work from home during the pandemic, companies hurried to configure remote work platforms without realizing they were leaving their data and assets more vulnerable than ever.
That’s because there are many steps they need to take in order to secure a hybrid environment before letting their teams access sensitive data on unsecured networks.
There is no doubt, remote work is here to stay. But what seemed like a temporary arrangement has had lasting effects requiring a more permanent, managed security solution.
According to a report by Pew Research Center nearly two years into the COVID-19 pandemic, roughly six-in-ten U.S. workers say their jobs can mainly be done from home (59%) or are already working from home most of the time. According to the 2021 State of Remote Work, one in three employees said they would quit if forced to give up remote work.
And companies are planning accordingly.
A survey of 278 executives by McKinsey in August 2020 found that on average, companies plan to reduce office space by 30 percent.
Unfortunately, the reduction in office space has not shrunk the virtual attack surface. Instead, it has made it much wider, less uniform, and more easily penetrable by bad actors.
One of the main reasons? People simply weren’t taught the best practices for improving their cybersecurity hygiene. So we teamed up with Microsoft to create the Remote Work Action Plan: The Definitive Guide to Improving Workplace Cyber Hygiene.
A More Permanent Solution
While many companies panicked during the pandemic, our CEO, Randy Richardson, took a thorough approach to operationalizing best practices in securing Microsoft 365.
“We looked across our base of hundreds of customers and saw the massive shift to remote work was creating an equally massive increase in vulnerability,” he said.
“The one platform almost all had in common was Microsoft 365. We knew if we could create a playbook for securing Microsoft 365, it would solve a big problem for many customers. What we didn’t see was how long-lasting this problem would be.”
Richardson, along with Tech Heads Security Architect Michael Nelson entered into deep consultation with lead Security Architect at Microsoft, Matt Soseman.
Together they created a comprehensive playbook for operationalizing best practices in securing Microsoft 365 at scale.
“I am very impressed with the playbook Tech Heads has developed around securing Microsoft 365. I have not seen another partner take such a thorough approach."
Tech Heads launched THInc 365™, a managed security service for Microsoft 365 in June of 2020, based on that playbook.
Since then, dozens of customers have been able to improve their security measures and avoid costly attacks amid the rise in their remote workforce.
“THInc 365 implements configuration best practices alongside data backup and alert monitoring in order to protect our customers’ data, identity, endpoints, and email,” Richardson said.
“It’s a comprehensive and managed, done-for-you approach to bringing your Microsoft 365 instance up to speed with the huge shift to a remote workforce.”
Time To Think Long-Term
Even though these new remote work arrangements are now looking permanent, many corporate instances of Microsoft 365 remain in less than optimal states of security. Especially those of many SMBs forced to focus constrained resources on shifting priorities during the pandemic.
Now that the initial panic is over many companies have not gone back to implement best practices in securing their environments, which now have expanded attack surfaces and weaker defenses, creating massive vulnerability.
That’s why we are now making our Remote Work Action Plan available for more companies to download. You can get your copy here.
Learn more about THInc.™ 365
- Why MSPs Should Implement the CIS Controls
- A Guide to Evaluating Your Managed Service Provider (MSP)
- How to Find an MSP That’s a Right Fit For Your Organization
- Anatomy of a Breach, Client Case #2: The Importance of Security Awareness Training
- Anatomy of a Breach, Client Case #1: The Importance of an Incident Response Plan