Information sharing is deeply integrated into the day-to-day operation of any company. In the era of collaboration convenience and promptness have become the key aspects to consider when accessing information, and security is often overlooked. However, when providing access to partners outside the organization, security and privacy issues could arise.
Softline’s expert team has spent months understanding and mastering the possibilities provided by Microsoft 365 collaboration tools in terms of security and developed a practice on how to govern the external collaborators in an organization. External sharing can be an extremely challenging area from a security point of view, and here are the factors why:
Link sharing is too easy
As the link sharing option is allowed by default, sharing information has become natural and easy. Employees are used to the convenience it offers and rely on this solution when sending information to their partners.
Guest account management can be difficult
When guest invite is enabled, people can automatically invite any email accounts. These guests are created in the tenant, without really knowing who they are or how the guest account lifecycle management will be executed.
Information protection is a must
External sharing requires some level of protection and encryption to keep the content safe even months or years after sharing them. There are many setups available including the limitation of downloading, commenting, and editing. These settings require harmonized efforts and rules.
Collaboration governance is needed
Developing governance in a programmatic and process driven way can be another challenge. Which settings to implement on an organization level and how to control the Microsoft Teams groups should be elaborated and managed.
Must be prepared for audits
Audits can happen anytime. Although, the system captures all end-user activity, and everything is stored in Microsoft Graph, companies need to be prepared to extract the needed information for internal audits at any given time.
Too many services and tools to master
Just within the compliance service there are at least 4-5 tools to understand. Furthermore, PowerShell cross-platform task automation solution also needs to be included to harden the tenants with PowerShell scripts.
How to achieve secure external sharing
According to Microsoft best practices, Softline proposes three different levels of protection:
Tier 1: Baseline
All the external containers are private. This means that in Microsoft Teams groups, people can’t discover the external sharing groups, so they aren’t visible and only IT can create them. All the groups are audited, the content is labelled, and external sharing users are limited.
Tier 2: Sensitive
At this level, content encryption is introduced together with document watermarks and limited users of labels. When a document is shared it is encrypted and only authenticated users can use the content, and they can’t share it with others.
Tier 3: Highly sensitive
There are several documents that are needed to be shared externally but isolating and limiting the relevant users are crucial.
There are a lot of built-in data loss prevention capabilities included in Microsoft 365 services. Nevertheless, when creating and applying the rules, it is also important to factor in convenience. Zsolt Bátorfi, Softline’s Chief Cloud Adoption Advisor elaborated the importance of secure external sharing and provided new aspects to consider in the following presentation recorded at Infosek 2021 Conference.
If you are interested in tailor-made proposal on how to create a secure environment for external sharing contact our experts using the form below, and they can design a solution that is in align with your compliance and security standards.
The number of cyberattacks rapidly multiplies and cybercriminals can easily monetize their activity. Having the best approach towards cybersecurity is more important than ever regardless of company size or industry. Our experts apply the Cybersecurity Framework to identify gaps and next steps so your company can prepare for cyberattacks the most fitting and reliable way.
There is no going back to the work model that prevailed before the pandemic. Hybrid work is the new normal organizations need to be able to provide to their employees, as Microsoft’s work trend index summarized in March. Azure Virtual Desktop is one of the solutions Microsoft provide for organizations on this journey. Using Azure Virtual Desktop enables a secure, remote desktop experience from anywhere, helping companies build resilience as they adapt to working in new ways. To help seamlessly deploy Azure Virtual Desktop, it’s important to understand the prerequisites and the four steps required: Plan-Prepare- Deploy-Optimize.
Tvrtke premještaju ključne aplikacije i radna opterećenja u oblak, povećavajući tako sigurnost, pouzdanost i učinkovitost. Istovremeno, rad na daljinu i hibridni rad i dalje su norma s obzirom na to da 55 % zaposlenika preferira takve oblike radnog okruženja. Azure virtualna radna površina nudi uređenu infrastrukturu virtualne radne površine kojom je lako upravljati,sigurna je i isplativa, a pruža i besprijekorno iskustvo koje se može usporediti s prijenosnim ili stolnim računalom. U ovom smo članku pripremili sažetak prednosti Azure virtualne radne površine te vam donosimo primjere iz stvarnog života drugih koji su u svom poslovanju koristili Azure virtualnu radnu površinu.
Effectively reducing your company’s cybersecurity risks can’t depend solely on strict policies. Taking proactive measures is just as important. Check out the three levels of actions you should take to protect your assets starting today.