Securing the modern workplace: A webinar on managing compliance and security threats

The adoption of cloud technologies like Microsoft 365 is constantly transforming the dynamics of the modern workplace. These tools significantly enhance efficiencies that lead to immense productivity benefits. However, they also introduce new security and compliance challenges that put businesses at great risk.

In our webinar, Securing the Modern Workplace: Strategies for Managing Compliance and Security Threats, we discuss the evolving landscape of threats targeting the modern workplace and the solutions that can help businesses mitigate the risks involved. Jairo Sarmiento, our Cloud Solutions Architect at Claro Enterprise Solutions, shares his extensive expertise in cloud services to help you understand the critical aspects of your Microsoft 365 journey, from initial migration to ongoing management.

Here, we focus on three key issues modern workplaces face:

• An ever-changing array of security threats continuously target Microsoft 365 environments.
• New regulations raised the bar for compliance, compelling organizations to align with stricter governance standards, especially for data protection.
• Increased cloud adoption has created a data sprawl problem, necessitating solutions that would tame data sprawl and maintain visibility.

We then share best practices on how you can implement effective strategies for securing and managing your Microsoft 365 environment, including how to leverage Claro Enterprise Solutions.

Understanding the modern workplace

With remote and hybrid work models now the norm, technology has become the backbone of modern workplaces. It’s essential to collaboration, communication, and productivity. It’s what connects the three key pillars of the modern workplace:

• Scalability - With cloud-based services like Microsoft 365, businesses can grow without the constraints of physical infrastructure.
• Flexibility - Teams can work seamlessly from anywhere on any device.
• Collaboration - Teams can connect, share, and innovate in real time regardless of location.

While these elements are the foundation of a thriving modern workplace, they also introduce new challenges and risks. As businesses adopt flexible cloud-based tools, the risks of data breaches, cyberattacks, and compliance violations increase. In fact, statistics show how vulnerable data is within these cloud environments.

• Over 60% of IT teams are unaware of data exposure in their Microsoft 365 environment.
• 71% of companies admit sensitive data is regularly shared through tools like Microsoft Teams.
• 92% of security incidents are unintentional, with human error being the leading cause of data breaches.

The thing is most organizations are unaware of these risks. Jairo Sarmiento, having worked in data security for years, has seen this firsthand in different companies. They assume that Microsoft 365 is secure because the collaboration suite is offered by Microsoft itself. However, Microsoft actually recommends that companies secure their environments with solutions like backup and collaboration security.

What many organizations fail to understand is that every time they collaborate and share data, whether internally or externally, they create touchpoints that expose that data. Without guardrails, these data can potentially be accessed by unauthorized users.

So, while cloud solutions like Microsoft 365 are powerful, productivity-enhancing tools, they open vulnerabilities, including overexposing organizational data. The caveat is that implementing security protocols that are too strict and too restrictive may inhibit the cloud solutions’ usefulness. This underscores the importance of balancing security with usability. We need to keep the cloud environment secure while still enabling seamless collaboration—not an easy feat with security threats that target cloud environments

Security threats that target Microsoft 365 environments

In the webinar, Jairo pointed out invisible threats in Microsoft 365. For one, numerous access points and poor data governance create an environment ready for data breaches. When you use Microsoft 365, you allow users to create Teams, OneDrives, and multiple workloads with minimal to no restrictions. As users collaborate and share files, they create multiple access points—each one creating a potential for breach. Often, links created and used for collaboration enable anonymous access without teams knowing that someone else has been given access to all the information being shared within their teams.

The lack of visibility and data governance may also lead to sensitive data exposure as users unwittingly share sensitive information. This issue poses both external and internal risks because the exposure of sensitive data may have operational, financial, and legal implications. Moreover, these come with reputational risk—damage that may be more difficult to deal with compared to costly penalties and legal embattlements.

Jairo also stresses one of the growing threats in cloud environments: the uncontrolled spread of data. Data sprawl inadvertently happens when users create teams, team channels, SharePoint workloads, OneDrive files, etc. The bigger the teams and the more complex the workloads, the larger area you’d have to secure.

Unfortunately, many organizations are still operating with outdated risk management protocols that fail to address these threats.

Outdated risk management protocols

Traditional security measures, such as on-premises firewalls and perimeter-based defenses, are no longer sufficient to secure cloud-based environments. In many cases, businesses haven’t prioritized developing and implementing modern security frameworks to protect cloud data.

So, how do organizations prioritize risks today?

To identify risks, most organizations rely on three things: permissions reports, audit logs, and DLP reports. Permissions reports pinpoint which users are accessing which specific type of data. Audit activity reports identify whether users are doing something they shouldn’t be doing. DLP reports help spot if there’s sensitive data being accessed.

However, these tools have limitations. DLP reports, for instance, while available in Microsoft 365, require E3 and E5 licenses. You’ll need to upgrade to higher-tier plans to view the reports. Furthermore, data is still being tagged “sensitive” by Microsoft’s systems. Anyone with admin access can view this tagged data.

The main challenge here is the immense number of reports one has to go through to identify and analyze sensitive data. You’d have to go through DLPs, audit logs, permission reports, etc. to understand what’s happening to your data.

For example, you might need to look at one report to see who has access to a specific team (like an external user named Claudia) and then check another report to see how many times Claudia accessed a document. After gathering all this information, you still need to connect the dots to figure out if Claudia is accessing sensitive data improperly. This process is slow and tedious, especially with many users and large amounts of data to go through.

With the right tools, such as those we offer at Claro, this process can be streamlined. We have tools that can automatically detect that Claudia is an external user with access to sensitive information and has accessed that data multiple times. Consequently, the IT team can quickly get the necessary information and take immediate action.

Instead of just identifying the problem, our tools can also help prevent it. In our sample case, they can automatically block external users (like Claudia) from accessing sensitive teams or data. They can also help prevent future issues by notifying the internal user (like Michael) who granted access to Claudia and even restrict Michael's ability to grant such access in the future.

This approach simplifies the work for both the IT and security departments. The tools not only provide quick visibility into the situation but also help take proactive steps to prevent potential risks.

Best practices for securing and managing Microsoft 365 environments

To effectively manage the security and compliance challenges posed by Microsoft 365, businesses must implement best practices that protect their data and streamline the management process. The webinar outlined several best practices and how Claro Enterprise Solutions can help you implement them:

1. Back up before migrating - Before migrating data into a collaboration suite like Microsoft 365, Claro Enterprise Solutions strongly recommends setting up a backup solution to ensure business continuity. This ensures that if something goes wrong—like a cyberattack or ransomware—you can quickly restore your data and keep your business running.
2. Streamline migration - Move your data into Microsoft 365 and back up your workloads within your Microsoft 365 environment. This process is fairly straightforward but may involve some complexities when migrating from older systems or moving large amounts of data. In these cases, Claro can help move data seamlessly from file servers, SharePoint, or older systems like Exchange.
3. Monitor and govern - Simply moving the data isn’t enough. You need both proactive and reactive security measures to protect it. This involves ensuring you have the proper tools to detect if unauthorized people (inside or outside the company) are accessing sensitive data. A comprehensive solution for this is Claro’s Collaboration Security Management—a solution that combines professional and managed services with powerful tools to safeguard data and ensure compliance within Microsoft 365 environments.
4. Go beyond layered security - Traditional security relies on having multiple layers like physical security cameras, perimeter security, system firewalls, secure endpoints, and whatever else can keep external users from breaching your defenses and gaining access to your system. However, this outdated approach doesn't fully address the risk because the real issue often lies within the organization. Employees might be leaving data exposed, whether intentionally or not. Instead of focusing only on external threats, it's better to secure data from the inside out—exactly what Claro Collaboration Security Management is designed to do. Claro Enterprise Solutions offers two services that can be used in implementing these best practices: Cloud Backup and Collaboration Security Management, both of which are compliant with the NIST 2.0 Cybersecurity Framework.

A peak at how Claro Collaboration Security Management works

Organizations often underestimate the complexity of maintaining a secure Microsoft 365 environment. Consider the challenges of ISO certifications or security audits—audits can reveal security flaws, but they often require extensive data analysis and manual effort. Similarly, while an ISO certification might indicate that you have the necessary controls in place, it may not be sufficient without ongoing visibility and proactive security management.

This is where Claro steps in. We offer automated, real-time insights that remove the manual burden of security monitoring. Our process for each client differs depending on their unique needs, but we follow a core workflow to keep all bases covered.

1. Initial consultation

We start with understanding what's happening within your Microsoft 365 Collaboration Suite. We schedule an initial consultation to understand your business data sensitivity, which regulations you need to follow or be compliant with, which permissions you need to allow, and other concerns.

2. Risk assessment

We conduct an initial risk assessment to evaluate potential vulnerabilities. With your approval, we sift through your Microsoft 365 workloads to clearly identify the risk state of the data you have. We prioritize risks based on data sensitivity, exposure, and other factors.

3. Remediation package proposal

We present the remediation plan based on our findings from the risk assessment. Our team of experts designs the plan based on your data sensitivity, the risk that you’re exposed to, etc. They’ll also consider the configurations you need to be able to be compliant with specific rules and regulations and have a secure Microsoft 365 environment.

4. Deployment

Once you approve the remediation plan, our management services team will deploy the configurations. Claro has a Management Collaboration Suite that can handle this and ensure that your cloud environment is properly configured and secure.

5. Continuous monitoring

Security risks evolve fast and so must the solutions. To remain proactive in securing the workplace, Claro also offers recurring services, including creating critical policies to adapt to changing user needs. This enables you to have the right policies in place whenever you need them.

Claro Enterprise Solutions has worked with multiple verticals, including tech and government. In a recent assessment for a government organization, we helped migrate to Microsoft 365, we discovered that they had over 30,000 high-risk items and around 10,000 unsecured links. We presented our findings to them and our remediation plan, which they adopted.

From survival to strategic: The convergence of cyber and physical security

At Claro, we prioritize security in all its forms. Employing a cyber-physical convergence approach, our portfolio addresses both cyber and physical security needs. But what sets us apart is the seamless integration ofthese offerings. We help guide your company through a cyber-physical security evolution, aligning your systems from the basic survival stage to a strategic, integrated approach.

Stages of cyber-physical security evolution

1. Survival stage - Most companies find themselves here, where security efforts are reactive and under-resourced, and organizations are vulnerable to evolving threats. They typically rely on basic cybersecurity tools like firewalls and antivirus software, along with simple physical security measures like locked doors and video surveillance. There’s little to no integration between the digital and physical worlds.

2. Tactical stage - Companies in this stage are a bit more proactive. They have centralized firewalls, network monitoring, endpoint protection, and cloud backup solutions. However, physical and digital security remain separate, with limited integration between the two.

3. Smart stage - This intermediate stage is where collaboration security becomes crucial. Organizations are now more proactive, integrating solutions like Cloud MDR (Managed Detection and Response) and ransomware detection with advanced incident response capabilities. Although there’s improved collaboration, there’s still room for growth in fully connecting physical and cyber systems.

4. Strategic stage - This is the pinnacle of security evolution with connected cyber-physical security systems. Here, proactive policies and continuous monitoring of both digital and physical security events create a seamless, integrated approach. Threats are identified and neutralized before they can escalate, so systems and data are always secure.

Claro's cyber-physical solutions

Claro recognizes that the key enablers of cyber-physical systems are AI, Cloud, connectivity, and IoT (Internet of Things). Our solutions combine these technologies to create an integrated security environment where digital and physical systems work together in real time.

• AI and Video Analytics. AI-powered video analytics help identify security threats in physical spaces. Any unauthorized access triggers an immediate security response.
• Collaboration Security. We integrate collaboration tools like Microsoft 365 with advanced security features to safeguard sensitive data across all platforms.
• IoT Asset Insights. By leveraging IoT sensors, we collect critical data from physical environments and analyze it using cloud-based AI and machine learning tools. This enables real-time decision-making and automated responses to security threats.

Connecting the digital and physical worlds

Our unified dashboard allows you to monitor both cyber and physical security events in one place, providing a comprehensive view of your security posture. By correlating these events, we can identify real-time risks and recommend immediate actions to mitigate them.

Imagine a scenario where sensitive research data is stored in a restricted zone, such as an R&D lab. If an unauthorized person enters the physical space, our AI video analytics solution will detect this anomaly. Simultaneously, our collaboration security system scans linked Teams or SharePoint sites for any unusual activity. This keeps the organization secure both physically and digitally.

Achieve a fully integrated security posture

Cyber-physical convergence is the future of security, and Claro is here to help your organization evolve from survival mode to having a strategic, fully integrated security posture. To learn more about smarter, more proactive cyber-physical security, watch the full webinar. Scan the QR code at the end of the webinar to request your complimentary data risk assessment for Microsoft 365.

‍