Amid all the flurry of transitioning usually on-premise staff to “work-from-home (WFH) ready”, security is a critical step that I personally worry is being overlooked. To address this concern, I wanted to write a quick blog on how we had fortunately – and admittedly not with a pandemic in mind – set ourselves to maintain our operations with no significant change other than some employees borrowing monitors and docks for their houses.
As a services company, we always must balance the line of working for our customers while also providing the same services to ourselves. The famous “eat your own dog food” mentality from Microsoft has been a primary driver for how our executive team approaches internal IT, and so the teams that serve our customers provide the exact same services for Intrinium.
As we continued to grow, we did not want our geographical location to be an issue in providing any of our services, and we wanted to simplify our Business Continuity Policy and Disaster Recovery Plans (BCP/DRP) to remove any reliance on our offices while still maintaining the security principals of Confidentiality, Integrity, and Availability. We spoke with our peers and other companies that have experience in existing in a pure remote work capacity (a personal friend of mine works from Sequim, WA but runs a their company effectively with employees throughout the US, requiring no office space whatsoever) to understand what the biggest challenges are with remote work, and how to overcome them.
With this is mind, we moved the majority of how we conduct our operations and the related workload to Microsoft Online and Azure. There are obvious benefits to the integrated platform – such as having Exchange, Teams, SharePoint Online, OneDrive, etc. all protected by a single-sign-on experience with multi-factor authentication – in addition to their integrations with one another, making the transition incredibly appealing. Furthermore, we are able to ingest audit and security data from these platforms into our monitoring technologies, ensuring that we do not lose visibility into security events occurring in our Cloud. We also have deployed our preferred monitoring technologies that allow our security teams to protect our employees that are rarely connected to the corporate network, either because they are full-time remote or consistently on the road.
This, among many other steps, made our ability to have all staff work from home for a day as a test a massive success. The ability for us to do this without any additional capital or operational costs was a big win for the business financially as well!
This secure remote work delivery has especially helped our customers that have either already made a similar transition or have required our help with employees suddenly transitioning to work from their homes. We have already seen an increase in requests for help with maintaining and supporting IT and Security Operations for a more distributed workforce and are confident that we can use our experience as the model for success.
I hope that this provides some guidance on how to be successful as you make your decisions about how to protect your employees, their families, and your communities while still fulfilling your organization’s mission. If you have not looked at taking advantage of these cloud technologies – and how to deploy them securely – I urge you to do so. Intrinium is ready and available to assist you and your business during this trying time to enable success while addressing the rapidly changing situation that is currently unfolding around the region and world.