Blog IDECSI

Improve the user experience of digital security

Written by Mona Piquet | Jul 31, 2019 12:22:00 PM

The digital workplace provides employees with the right tools to improve productivity. Crucially, the user is critical to the security of collaboration tools such as Office 365, Microsoft Teams, or SharePoint Online and in the protection of their data.

Modern working methods and the evolution to cloud systems must be accompanied by effective protection for employees and data – wherever they are and however it’s accessed.

Collaborative work is on the rise. It is the mission of the digital workplace to provide employees with the right tools and to train users, in order to improve productivity.

Crucially, the user is critical to the security of collaboration tools such as Office 365, Microsoft Teams, and SharePoint Online and in the protection of their data. Leading to a key question:

How can we involve them positively in the cyber‑defence of the company?

Adapt security to user needs

Employees now have powerful tools to communicate and exchange information, whether in the office or remotely. In a true digital office they can connect from many devices and can easily share folders, give access to others, view shared files or emails, and much more.

At the same time, the security team is increasingly questioning how to secure these collaboration spaces.  How to oversee external communications, the sharing of sensitive files, the management of users and groups of users and their applications and rights?

The user must have the means to understand the security of their account and data. Who is accessing their mailbox or who has the rights to do so? Are the people who access their files the people they’re expecting?  Are active connections and synchronisations legitimate?

Without constraints

How can we secure these new methods and tools? Most digital workplace tools are rapidly adopted, given their promise of productivity and efficiency gains. For security tools and protocols, the perspective is different.  We know the tensions that can exist between digital convenience and security – the latter perceived as a constraint.

Users are highly resourceful at circumventing constraints and limits when these block usage.  Therefore, we must find the right balance between constraint and access. We need a simple approach that is aligned with user behaviour – this will be adopted most easily, and serve the interests of both the user and the security team.

We should review solutions that users are familiar with in their personal digital experience, along with the security alerts they are used to, in tools like Dropbox, Gmail, Facebook…

Facilitating communication: The Security-User relationship

When securing collaboration tools and protecting users and their data, communication is a key success factor.

  • Valuing the security approach: it is important for users to understand that it is in their interest to have tools which allow them to track what is happening in their account, mailbox or files.
  • Simplify the information as much as possible: share the right information, in the right format. Understandable concepts, readable reports, simple UX.
  • Reassure users: how it works, what data is analysed from their account.

From control and constraint to the commitment of all: MyDataSecurity

IDECSI has implemented a new concept that addresses these issues related to collaboration tools, including Microsoft 365.

Thanks to MyDataSecurity, a personal security assistant for all employees, everyone in the company has a view of the security of their resources – files, libraries, mailbox,… An interactive dashboard allows users to naturally understand their security: who accesses their resources, who has rights, what is the active configuration, which devices synchronize.
Accessible via a web page, a mobile application or directly by email, MyDataSecurity also makes it possible to report accesses and configurations that are dubious or no longer desired. Each critical, malicious action can be immediately identified and then handled by the SOC or the security team. The security team can decide to share the information, consult the user via the interactive and intuitive dashboard or send them alerts identifying a suspicious behaviour to be verified.

IDECSI is a technology that serves users – both employees and security – to solve one of the critical security issues of our time.

By improving the user experience around security, users become security actors and help strengthen the company.

  • You engage users in protecting their data
  • You dramatically change the relationship with security
  • You ensure users value the actions of the security team