Work remotely and your response plan

Last week, as COVID-19 cases continued to spread around the world, millions of people moved to remote work. Many of our customers have asked us to share the details of how we enable remote work for such a large workforce. Let’s get into the top 9 ways to help you enabling remote work.

1. Measure your organization's security posture

From a centralized dashboard in the Microsoft 365 security center, organizations can monitor and work on the security of their Microsoft 365 identities, data, apps, devices, and infrastructure. Following the Security Score recommendations can protect your organization from threats.

2. Secure identity first

Azure provide the ability through it's security products to help protect those identities much more effectively than traditional network/data-center monitoring. You should consider to apply User identity and access management practice and improve security by protecting elevated-privilege accounts.

3. MFA offers security without compromising user experience

Enable Azure MFA to support remote work scenario and use this all-in-one guide to help you plan, test, and deploy Azure MFA in your organization.

4. Manage and secure BYOD devices

Modern management and security principles driving our Microsoft Endpoint Manager vision. We should offer self-service enrollment, once device enrolled, MEM then applies security baselines or remotely run device actions.

5. Data leak prevention on Windows 10 BYOD devices

With Windows Information Protection (WIP), enlighten apps can differentiate between corporate and personal data, correctly determining which to protect based on internal policies. Corporate data is encrypted on the managed device and attempts to copy/paste or share this information with non-corporate apps or people will fail.

6. Meetings and collaboration

Microsoft Teams is built on the Office 365 hyper-scale, enterprise-grade cloud, delivering the advanced security and compliance capabilities our customers expect. See more information about Teams-specific security and compliance:

• Microsoft Teams Essentials for IT: Security and Compliance (12:42 min)
• Microsoft Teams Controls for Security and Compliance (10:54 min)

7. Access to line of business (LOB) applications

Microsoft has migrated most of our legacy applications to the cloud. But even with most applications accessible in the cloud, some still require VPN. Azure Active Directory's Application Proxy provides secure remote access to on-premises web applications. After a single sign-on to Azure AD, users can access both cloud and on-premises applications through an external URL or an internal application portal. 

8. Remote work with Windows Virtual Desktop as part of your COVID-19 response plan

Having an unplanned (and sudden) large number of remote workers using established solutions such as VPN access could easily overwhelm the capacity of the VPN concentrator or have unanticipated software licensing impacts. Further, some applications may be sensitive to slow response times due to VPN or firewall bottlenecks and not function as expected.

With Windows Virtual Desktop, we no longer need to be concerned with the constraints of the physical hardware or a person's location. In the example above if the worker cannot come into the office, they can request a virtual desktop which can be quickly and easily provisioned based on their profile, and within minutes they can connect through the Windows Desktop, Web, Android, macOS or iOS clients.

9. Protect your organization from malicious impersonation-based phishing attacks

Phishing attacks come in a variety of forms from commodity-based attacks to targeted spear phishing or whaling. With the growing complexity, it's difficult for even a trained eye to identify some of these sophisticated attacks.You can set up an ATP anti-phishing policy with Office 365 Advanced Threat Protection to help ensure that your organization is protected against such attacks.