blog DLP Microsoft Teams Mobile Security Security SkypeShield

Data Loss Prevention in a Remote Work Environment: Adapting to the New Normal

Data Loss Prevention in a Remote work enviroment

In recent years, remote work has transformed from a convenient perk into a full-fledged paradigm shift in the modern workplace. The COVID-19 pandemic accelerated this trend, forcing companies worldwide to embrace remote work as the new normal. While remote work offers numerous benefits, such as increased flexibility and reduced commute times, it also poses significant challenges in ensuring the security of sensitive data. As employees access company information from various locations and devices, the risk of data loss or breaches increases. In this article, we will explore the importance of data loss prevention (DLP) in a remote work environment and discuss strategies to adapt to this evolving landscape.

The Growing Importance of Data Loss Prevention (DLP)

Data is the lifeblood of any organization, containing valuable intellectual property, customer information, financial data, and proprietary research. Data loss or unauthorized access can lead to severe consequences, including financial losses, reputational damage, legal liabilities, and regulatory non-compliance. In a remote work environment, the lack of physical security measures and increased reliance on personal devices make data more vulnerable to breaches and leaks.
Adapting DLP Strategies to Remote Work

Employee Education and Training

The first line of defense against data loss in a remote setting is a well-informed and vigilant workforce. Organizations must invest in comprehensive training programs to educate employees about potential data security risks and best practices. Training topics may include the proper use of company devices and applications, recognizing phishing attempts, secure file sharing methods, and the importance of strong password management.

Implementing Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) adds an extra layer of security to the login process by requiring users to provide multiple forms of identification. This could include something they know (password), something they have (smartphone), or something they are (fingerprint). By implementing MFA, organizations can significantly reduce the risk of unauthorized access to sensitive data, even if login credentials are compromised.

Endpoint Security and Device Management

In a remote work environment, employees often use personal devices to access company resources. This creates potential security vulnerabilities if these devices are not adequately managed. Companies should enforce policies that require antivirus software, regular updates, and device encryption on all devices used to handle sensitive data. Additionally, consider adopting Mobile Device Management (MDM) solutions to remotely manage and secure devices, ensuring that corporate data can be wiped if necessary.

Secure File Sharing and Collaboration Tools

Remote teams rely heavily on file sharing and collaboration tools to work efficiently. While these tools boost productivity, they can also become entry points for data breaches if not configured securely. Organizations should choose platforms with strong encryption, access controls, and permissions settings. Additionally, regularly review and audit user access to ensure that only authorized personnel have access to sensitive data.

Network Security and VPN Usage

A robust virtual private network (VPN) is essential for secure remote access to an organization’s internal network. Encourage employees to use VPNs when working from public or unsecured Wi-Fi networks to encrypt data transmissions and protect against potential eavesdropping and man-in-the-middle attacks.

Data Backup and Recovery
Regular data backups are crucial to minimize the impact of data loss incidents. In a remote work environment, where employees may have different data storage practices, centralized backup systems are essential. Cloud-based backup solutions can safeguard data across various devices and locations, providing a safety net against accidental deletions, device failures, or cyberattacks.

Data loss prevention in a remote work environment is vital for safeguarding sensitive information in the face of evolving work trends. As remote work becomes a permanent fixture in the modern workplace, organizations must adapt their security strategies accordingly. By prioritizing employee education, implementing robust security measures, and leveraging advanced technologies, businesses can mitigate the risks associated with data loss and ensure that remote work remains productive, secure, and compliant with industry regulations.

Please contact AGAT Software for more information
Write us an email at:
And don’t  hesitate to contact us !

ADFS Skype for Business SkypeShield

New security vulnerabilities exposed in Microsoft ADFS

Tests carried out on a number of large organizations using Microsoft’s ADFS (Active Directory Federation Services) for SSO (single sign on) to cloud or third party services such as Office 365, Skype for Business (Lync) Online or Salesforce revealed that they expose their corporate networks to account lockout threats.

Testing conclusively demonstrated that companies using ADFS for authentication are vulnerable to threats caused by the external exposure of authentication services.

The tests by AGAT Software demonstrated the ability of hackers to lock Active Directory network user accounts, which were believed to be protected. Only knowledge of the username was required, which is typically easy to guess or to find out.

The tests revealed that attackers can lock accounts through ADFS even when the ADFS Extranet Lockout feature of Windows 2012 is deployed to protect ADFS.

A successful attack can cause significant business damage by preventing the user from logging into the network and from performing any type of work. Even resources not requiring ADFS are affected. This attack vector can be abused as part of a wider DDoS attack, halting all the company’s activities by locking all of the domain network users.

Beyond protecting ADFS, AGAT also offers a unified defense solution for protecting Skype for Business against account lockout. The Skype for Business topology creates challenges that are hard to address using generic solutions due to the multiple protocols, channels and methods used by a plethora of supported clients.

In order to raise awareness of the vulnerabilities that ADFS and Skype for Business deployments cause, AGAT Software is now offering a free test to companies wishing to validate that their network accounts are protected against account lockout for both ADFS deployments and Skype for Business on-premise deployments.

How To Microsoft Lync Mobile Security Skype for Business SkypeShield Two Factor Authentication

How to safely connect to Skype for Business using RSA security token

SkypeShield offers innovative security solution that allows users of RSA SecurityID and other secure tokens to safely connect to their organization’s Skype for Business server without using their  Active Directory (AD) credentials.

SkypeShield’s solution adds another secured authentication option, enabling strong mobile and external Skype for Business authentication for organizations with a network policy that requires Hardware One Time Password (OTP) or Two Factor Authentication (TFA).

Organizations that use OTP tokens, such as RSA SecurID Authenticator device, have a problem using them in conjunction with Skype for Business. The new solution enables therefore both mobile and desktop users to connect to Skype for Business using their RSA token while avoiding the usage of AD credentials and implementing TFA.

Moreover, SkypeShield can require the user to register in a self-service portal to further add security to the authentication process and make sure only registered devices can connect.

The device registration process is completed once and the user uses his RSA token to authenticate and enable Skype for Business connectivity thereafter.

“The market for security tokens is constantly growing, requiring organizations, that use Skype for Business to look for new security solutions,” said Guy Eldan, CEO of AGAT Software which developed SkypeShield. “After we launched a special solution for smart card mobile authentication, it was only natural to add another special solution for security tokens.”

SkypeShield’s solution does not require setting Active Directory Federation Services (ADFS) and offers a complete user experience including both Skype for Business & Exchange information, which can be safely used from the external device.

It also addresses account lockout protection and other TFA software solutions for external Skype for Business clients.

A recent survey by research company Frost & Sullivan indicated that the global OTP market is growing at an annual rate of 7.5 percent and is expected to reach $1.2 billion by 2017.