Security in the Modern Workplace
The Modern Workplace is changing rapidly, and so are the security standards. Many organizations migrated towards a more flexible work model that includes work-from-home opportunities for their employees. When employees take their devices off the corporate network, a number of security concerns arise. There is a similar concern for small-medium-sized businesses operating with a BYOD program. Organizations have a duty to protect their customer data and their corporate devices, so having an effective security strategy is crucial. The Microsoft Modern Workplace solution tackles security using Microsoft Enterprise Mobility + Security, which includes Azure Active Directory, Microsoft Defender for Endpoint, and Microsoft Endpoint Manager.
Azure Active Directory
Verifying the identity of the end-user is an important consideration when dealing with off-network devices. Organizations should aim to empower their employees to work from anywhere, while also prioritizing the security of their data. Azure Active Directory is a cloud-based application that is used for Identity Access & Management. Azure AD provides Single Sign-On (SSO) and multi-factor authentication methods to allow your employees to work from anywhere after they verify their credentials.
In the Modern Workplace, Azure Active Directory provides flexibility to businesses who need to offer conditional access to their data and devices. Conditional access allows organizations to customize their security strategy by setting customized policies. Common conditional access policies include granting or blocking access, such as:
- Requiring a company-issued device for certain applications
- Requiring a trusted location
- Requiring multi-factor authentication to access specific applications or to perform specific tasks
- Blocking access with risky sign-in behaviors
Microsoft Defender for Endpoint
Microsoft Defender for Endpoint is a cloud-based application that detects, assesses, and manages risks and vulnerabilities. This application is part of the Microsoft Modern Workplace offering to address IT security. Microsoft Defender for Endpoint offers a unified security management platform for endpoint protection with rich APIs.
Modern Workplace vulnerabilities can arise from many sources and can be challenging to monitor and detect. With Microsoft Defender for Endpoint, the detection and management of risks are done from one centralized management platform. The Microserve team offers managed hunting services to proactively monitor the environment and identify critical threats. Microsoft Defender for Endpoint also includes the next-generation protection, Windows Defender Antivirus. It reduces application-based vulnerabilities with rules that help prevent malware.
Microsoft Defender for Office 365
Microsoft Defender for Office 365 is an application that offers native protection for Office 365. With phishing scams on the rise, Microsoft Defender for Office 365 uses advanced AI that detects and filters out emails that may compromise your network such as emails containing malicious links, ransomware, targeted attacks, and more. Within the Office 365 dashboard, you can also do investigations to track attacks across your Office 365 environment, and can remediate these potential threats.
Microsoft Defender for Identity
Microsoft Defender for Identity is a cloud-based platform that was referred to as Azure Advanced Threat Protection or Azure ATP. Suspicious activities can reveal compromised devices or insider threats. To combat this, Microsoft Defender for Identity uses built-in intelligence to profile user behaviour and identity behavioural anomalies. With the platform, you gain access to comprehensive reporting to give you a snapshot of your users’ activities across devices. Organizations also use Microsoft Defender for Identity to make it harder to compromise user credentials and to access reporting that helps to reduce attack surfaces.