Remote work is becoming the new normal for many companies around the world. Employees are using tools like Microsoft Teams to collaborate, chat, and connect in new ways to try to keep their businesses moving forward amidst the challenging global health crisis.
Business continuity is an imperative, and you must rely on your employees to stay connected and productive outside of the traditional digital borders of business. In doing so, identifying and managing potential risks within the organisation is critical to safeguarding your data and intellectual property (IP), while supporting a positive company culture.
In this blog we give some guidance for things you can do to take advantage of these capabilities. A lot of these examples are on Teams, but many of these features are relevant across Microsoft 365.
First, knowing where your data resides while employees are working remotely is a vital question, especially for your risk management-focused departments. Data in Teams is encrypted at rest and in transport, and uses secure real-time protocol for video, audio, and desktop sharing. There are also several tools that help you remain in control and protect sensitive documents and data in Microsoft 365. For example, you can restrict Teams experiences for guests and people outside of your organisation. You can also govern the apps to which each user has access.
Data loss prevention (DLP) addresses concerns around sensitive information in messages or documents. Setting up DLP policies in Teams can protect your data and take specific actions when sensitive information is shared. For example, suppose that someone attempts to share a document with guests in a Teams channel or chat, and the document contains sensitive information. If you have a DLP policy defined to prevent this, the document won’t open for those users. Note that in this case, your DLP policy must include SharePoint and OneDrive for the protection to be in place.
You can also apply a sensitivity label to important documents and associate it with protection policies and actions like encryption, visual marking, and access controls and be assured that the protection will persist with the document throughout its lifecycle, as it is shared among users who are internal or external to your organisation. You can start by allowing users to manually classify emails and documents by applying sensitivity labels based on their assessment of the content and their interpretation of the organisational guidelines. However, users also forget or inaccurately apply labels, especially in these stressful times, so you need a method that will scale to the vast amount of data you have.
Automatic classification with sensitivity labels helps you achieve that scale, for documents stored on SharePoint Online and OneDrive for Business, and for emails in transit in Exchange Online. Like with manual classification, you can now set up sensitivity labels to automatically apply to Office files (e.g., PowerPoint, Excel, Word, etc.) and emails based upon organisational policies. In addition to having users manually label files, you can configure auto classification policies in Microsoft 365 services like SharePoint Online, OneDrive, and Exchange Online. These policies can automatically label files at rest and in motion based on the rules you’ve set. Those classifications also apply when those documents are shared via Teams.
We also know that stressful events contribute to the likelihood of insider risks, such as leakages, IP theft, or data harassment. Insider Risk Management looks at activity from across Microsoft 365, including Teams, to identify potential suspicious activity early. Communication Compliance, part of the new Insider Risk Management solution set in Microsoft 365, leverages machine learning to quickly identify and take action on code of conduct policy violations in company communications channels, including Teams. Communication Compliance reasons over language used in Teams which may indicate issues related to threats. Detecting this type of language in a timely manner not only minimizes the impact of internal risk, but also can go a long way in supporting employee mental health in uncertain times like this.
To comply with your organisation’s internal policies, industry regulations, or legal needs, all your company information should be properly governed. That means ensuring that all required information is kept, while the data that’s considered a liability and that you’re no longer required to keep is deleted. You can set up Teams retention policies for chat and channel messages, and you can apply a Teams retention policy to your entire organisation or to specific users and teams. When data is subject to a retention policy, users can continue to work with it because the data is retained in place, in its original location. If a user edits or deletes data that’s subject to the retention policy, a copy is saved to a secure location where it’s retained while the policy is in effect.
All data is retained for compliance reasons and is available for eDiscovery until the retention period expires, after which your policy indicates whether to do nothing or delete the data. With a Teams retention policy, when you delete data, it’s permanently deleted from all storage locations on the Teams service.
Working remotely helps your employees stay healthy, productive, and connected, and you can keep them productive without increasing risk or compromising compliance. For more guidance around supporting a remote work environment in today’s challenging climate, contact us today!