The digital workplace provides employees with the right tools to improve productivity. Crucially, the user is critical to the security of collaboration tools such as Office 365, Microsoft Teams, or SharePoint Online and in the protection of their data.
Modern working methods and the evolution to cloud systems must be accompanied by effective protection for employees and data – wherever they are and however it’s accessed.
Collaborative work is on the rise. It is the mission of the digital workplace to provide employees with the right tools and to train users, in order to improve productivity.
Crucially, the user is critical to the security of collaboration tools such as Office 365, Microsoft Teams, and SharePoint Online and in the protection of their data. Leading to a key question:
How can we involve them positively in the cyber‑defence of the company?
Employees now have powerful tools to communicate and exchange information, whether in the office or remotely. In a true digital office they can connect from many devices and can easily share folders, give access to others, view shared files or emails, and much more.
At the same time, the security team is increasingly questioning how to secure these collaboration spaces. How to oversee external communications, the sharing of sensitive files, the management of users and groups of users and their applications and rights?
The user must have the means to understand the security of their account and data. Who is accessing their mailbox or who has the rights to do so? Are the people who access their files the people they’re expecting? Are active connections and synchronisations legitimate?
How can we secure these new methods and tools? Most digital workplace tools are rapidly adopted, given their promise of productivity and efficiency gains. For security tools and protocols, the perspective is different. We know the tensions that can exist between digital convenience and security – the latter perceived as a constraint.
Users are highly resourceful at circumventing constraints and limits when these block usage. Therefore, we must find the right balance between constraint and access. We need a simple approach that is aligned with user behaviour – this will be adopted most easily, and serve the interests of both the user and the security team.
We should review solutions that users are familiar with in their personal digital experience, along with the security alerts they are used to, in tools like Dropbox, Gmail, Facebook…
When securing collaboration tools and protecting users and their data, communication is a key success factor.
IDECSI has implemented a new concept that addresses these issues related to collaboration tools, including Microsoft 365.
Thanks to MyDataSecurity, a personal security assistant for all employees, everyone in the company has a view of the security of their resources – files, libraries, mailbox,… An interactive dashboard allows users to naturally understand their security: who accesses their resources, who has rights, what is the active configuration, which devices synchronize.
Accessible via a web page, a mobile application or directly by email, MyDataSecurity also makes it possible to report accesses and configurations that are dubious or no longer desired. Each critical, malicious action can be immediately identified and then handled by the SOC or the security team. The security team can decide to share the information, consult the user via the interactive and intuitive dashboard or send them alerts identifying a suspicious behaviour to be verified.
IDECSI is a technology that serves users – both employees and security – to solve one of the critical security issues of our time.
By improving the user experience around security, users become security actors and help strengthen the company.