For many managers and business owners, fear is the first thing that strikes when they think about the ‘modern workplace’ – the transition to mobile working and working in the Cloud. It is right at the top of their IT security worries because it involves new technologies, it is unfamiliar territory and there is often a generational divide between the millennials who expect to be able to work this way and their managers who worry about the consequences of doing so. If you recognise any of these anxieties, this article will guide you through this new and unfamiliar territory.
The challenge is essentially the same one that faces anyone working in security. You need to understand the risks, then balance security against utility. You need to make sure everything is secure, but you cannot bolt everything down so tightly that it is difficult or impossible to use. In the context of a mobile workforce using cloud-based data and applications, you have three challenges:
- Keep your staff identities secure.
- Manage the mobile devices that your staff use.
- Protect confidential company data.
You need a system that will provide the protection you need, with security at all times in all places, but giving your staff the convenience of working in the way they want. This is precisely what does.
How Riverbank SAFE works
Protecting your people
You are probably familiar with logging on to a traditional computer network, with a user name and password. This system now works in the cloud, so wherever you are and whatever device you are working on, you have to be authenticated before you can start work. This authentication can happen via a user name and password plus one of a variety of other verification methods, such as one-time access code, finger print or facial recognition.
One major bonus in managing user identity is the option of single sign-on (SSO). Once you have logged on to the company system, you are pre-authorised for the other web-based systems that you need to use. The employee only has one password to remember and only one logon to perform. That is a real benefit for staff who otherwise will be trying to remember multiple logons and multiple passwords.
The additional benefit for you, the employer, is that you have provable security. Your computer users only ever know the access name and password for one system. When they leave, you block that single user name and password and you can be sure that they are locked out of every web-based system they were using.
Protecting the mobile devices they use
Mobile Device Management (MDM) is the component of Riverbank SAFE that protects the devices that your staff use. MDM delivers control and management. You decide which devices each person is allowed to use; if a device hasn’t been enrolled into your company, it can’t be used. It doesn’t matter if the device is owned by you or if it is privately owned (‘BYOD’ = Bring Your Own Device).
You decide which applications can be used and what data can be stored on each device. You get complete visibility of what is happening and where your data is being stored. When a device gets lost, instruct it to wipe all company data and remove any company applications, or even wipe the entire device so it stops working altogether.
Protecting confidential information
The protection of confidential information starts with your ‘baseline security’, the security you have always applied to your computer data. You have already decided what information should be available to everyone in your organisation and what needs to be restricted. Some people start from the position of trust, that everyone should have access to everything, then lock down the sensitive parts like Finance and HR. For more security-sensitive organisations, the assumption is that no-one has access to anything and then they open up selected parts for selected people.
On top of this base level of security there is an extra layer that Riverbank SAFE adds. You apply additional protection to documents based on a policy or by selecting individual files for additional protection. The protection can limit access to particular people and it can limit what they can do; for example, they can read a document, but they cannot print it.
The key point with this document management and protection is that the protection resides with the document itself. It doesn’t matter if it has fallen into the wrong hands or been copied to a USB stick that someone left on a plane, the protection still applies.
What’s under the hood?
Riverbank SAFE is powered by Microsoft Enterprise Management + Security. As the name suggests, it is enterprise-level software that the technical experts at Riverbank deploy and manage on behalf of our clients. We configure each component according to each client’s needs and provide all the alerting and reporting they need. We can also provide access to their own control panel if their IT department would like to monitor it too.
Microsoft has long used software called Active Directory to maintain a register of the users allowed to log on to a traditional office network. This proven security system has now been extended to the Cloud with Azure Active Directory. This authenticates users on each device and delivers any multi-factor authentication that is required. It also manages single sign-on.
Learn more about Riverbank S.A.F.E
This article follows on from the Riverbank guide to IT security, which takes a broad look at IT security for business owners and managers. If you need further help with your IT security, contact the experts at Riverbank IT Management your IT Support company on 01235 426700 or email or Contact us here.
Alternatively fill the form below.