First, knowing where your data resides while employees are working remotely is a vital question.
With Covid-19 continuing to challenge countries globally, organisations are relying on their employees to stay connected and productive outside of the traditional digital borders of business.
Working remotely helps employees stay healthy, productive and connected, and you can keep them productive without increasing risk of compromising compliance. In doing so, identifying and managing potential risks within the organisation is critical to safeguarding your data and intellectual property (IP), while supporting positive company culture.
First, knowing where your data resides while employees are working remotely is a vital question, especially for your risk management-focused departments.
There are several tools that help you remain in control and protect sensitive documents. For example, data in Microsoft Teams is encrypted at rest and in transport, and uses secure real-time protocol for video, audio and desktop sharing.
In addition, whatever remote working platform you have selected to operate with, it is important to restrict access for guests and people outside of your organisation. You can also govern the apps to which each user has access.
Second, data loss prevention (DLP) addresses concerns around sensitive information in messages or documents. Setting up DLP policies in your remote working apps can protect your data and take specific actions when sensitive information is shared.
For example, suppose someone attempts to share a document with guests in a Teams channel or chat, and the document contains sensitive information, if you have a DLP policy defined to prevent this, the document will not open for those users.
Third, you can also apply a sensitivity label to important documents and associate it with protection policies and actions like encryption, visual marking and access controls and be assured that the protection will persist with the document throughout its lifecycle, as it is shared among users who are internal or external to your organisation.
You can start by allowing users to manually classify emails and documents by applying sensitivity labels based on their assessment of the content and their interpretation of the organisational guidelines. However, users also forget or accurately apply labels, especially in these stressful times, so you need a method that will scale to the vast amount of data you have.
Like with manual classification, you can now set up sensitivity labels to automatically apply to Office files (PowerPoint, Excel, Word…) and emails based upon organisational policies. In addition to having users manually label files, you can configure auto classification policies in Microsoft 365 services such as SharePoint Online, OneDrive, and Exchange Online.
These policies can automatically label files at rest and in motion based on the rules you have set. Those classifications also apply when those documents are shared.
We also know that stressful events contribute to the likelihood of insider risks, such as leakages, IP theft, or data harassment. It is therefore critical that organisations put in place tools to identify potential suspicious activity early.
The writer is the country manager, Microsoft Kenya