Using Cyber Security Tech to Increase Business Productivity
Most businesses these days have heard about the importance of backing up. There are many reasons why it's a business critical function (and if you happen to be a business who isn't backing up your data, then you need to stop reading, get this sorted immediately and then come back to this article later). One of these reasons is ransomware, another cyber security buzzword that you're most likely familiar with.
If these concepts are new to you, then you should check out our article 10 Steps to Cyber Security for Business, which gives you a great introduction.
We aren't saying they're not important concepts. But cyber security goes beyond ransomware and backups.
In fact, implementing cyber security technology in your business can also increase business productivity and compliance without breaking the bank. By implementing incremental changes and choosing the right technology, you'll be able to keep up with or even get ahead of the technology curve.
We've talked about this one before and you can read about it in detail in our article on Multi-factor Authentication and why your business needs it.
What you need to know about it though, is that even Microsoft is reporting experiencing really, really high numbers of enterprise users accounts being compromised. And it's all because only 11% of users have two-factor authentication turned on for their account. The latest figures show that 1.2 million accounts were compromised in January alone. In an organisation of 10,000 people, that's 50 users a month having their accounts hacked*.
Now, your organisation might be much smaller than this. But that doesn't mean you're not at risk. And the problem, is that when you have even one user experience a compromise, it opens your organisation up to huge efficiency issues, because of the way in which we share information. It only takes one user breach for an attacker to steal everything. And this has huge ramifications to business efficiency when you think about cleaning up the mess it makes.
The efficiency gain here, is that two-factor authentication is super easy to turn on for many, many pieces of technology.
So if you haven't done it, do it now. Right now.
Azure Active Directory
Azure Active Directory (Azure AD) is the modern equivalent of the old domain controller that used to be in your office.
Essentially, it manages user access.
When it's setup, Azure AD works like this. Peter can access XYZ but not ABC. Susan can access both XYZ, ABC + JKL.
These permissions are governed by management and designated by IT to manage security access for your organisation. Not just in terms of file permissions, but also where and from what device Peter can have access, what Peter sees when he logs onto a workstation and if Peter can have access to his information after hours, or from a country other than Australia.
The best part about this, is that if you have an Office 365 subscription, a basic version of Azure AD is already included, so you can start to explore the opportunities that Azure AD offers your business immediately. It truly simplifies designating access permissions for business.
Unfortunately though, two of the most useful features for SMEs aren't included in the basic version. These are single sign-on and geo-blocking. To get access to these, you'll need an Azure AD P1 or P2 license.
If your business has access to dozens of applications or cloud portals that manage and store the information you use to do your job, then you're probably very sick of having to remember usernames and passwords. Because of this, you're also likely to be reusing the same passwords across multiple sites and services. And you'll know that this is a big no-no, but you do it anyway...
Or perhaps your preferred method is to use different passwords but stick them to your monitor on a post-it note. Not ideal.
And then there's the challenge that because your passwords are so long (because this is best practice) you'll constantly be getting locked out by accidentally entering them incorrectly, costing you time and causing frustration.
There is a better way. It's called single sign-on.
When a user is setup through Azure AD, they can have a dashboard created as the homepage in their internet browser. This dashboard contains links to all of the commonly used applications or web portals that they access daily. The dashboard holds all of the usernames and passwords for each service, so that when you click on the site you want to go to, it automatically enters that information for you and you don't need to remember the individual passwords. All you have to remember is the master password for your dashboard.
If you have two-factor or multi-factor authentication setup, then you'll need to enter the code, scan your fingerprint (or both) to finish the login process, but single sign-on will greatly reduce the reuse of passwords and user frustration.
And it get's better.
Your team don't even need to know their passwords, beyond that master password. So if Julie leaves the organisation, she won't be able to access any company information from home, because she doesn't know the password in the first place.
Plus, if a password needs to be changed for any reason, your IT administrator can make the password change for all users seamlessly and they won't know that anything is different.
You can even customise access via groups or role types with some simple setup.
Single sign-on is more efficient from a user management point of view as well as making things more efficient for users every day.
Single sign-on is included in Azure P1 licenses.
This handy feature basically allows you to block any and all sign-in attempts from outside Australia (or from any combination of countries that suit your organisation).
So if you have people in Australia, New Zealand, India and the UK, you can block sign-in attempts from countries other than those. This immediately reduces the chance that a hacker from China, the Ukraine or Iran can even attempt to gain access to your data. So they'll just move on to other easier targets.
Geo-blocking is available in Azure P2 licenses.
Make cyber security part of your technology plan for this year
Cyber security should be a part of your technology plan this year and every year. But while you're making your business more resilient to cyber threats, you can also make it a more efficient and happy place to work, by implementing cyber security measures that also help increase your productivity.
Talk to your IT provider today to see how you can implement some of these great features into your business.
* This data was taken from a Forbes article. You can read the article in its entirety here.