3 ways to create a robust security strategy for remote teams

A woman working on a Surface device at home, with security to enable productivityRemote working isn’t new in the business world, but what has been unprecedented is the rise of home working this year. While it wasn’t often by choice, it’s definitely changed the way we work – in fact, 72 percent of UK employees and managers report a desire to continue working from home at least part-time. Security is an important factor in remote working. For organisations to truly embrace these new ways of working, it’s important to ensure your people have the tools they need to embrace productivity and innovation securely, on devices that let them work in their best way from anywhere.

In the new world of work, it’s important to keep your people at the heart of your business. That’s why empowering them with the tools they need to work smarter will help you create an inclusive and resilient culture. A Forrester study found that workers realised almost two hours in daily productivity gains using Microsoft 365 on Surface, while reducing security breach costs by about 20 percent. We’re going to dive into the ways you can embrace the productivity gains of a robust security strategy, while empowering employees to do their best work from anywhere.

1.      Extend security across your entire stack

A security strategy needs to ensure your entire digital estate is secure. Ensure your entire stack is optimised with devices and applications that have built-in security based on a Zero Trust model. Surface meets the same security standards of all Microsoft software and services, making it a strategic part of your security stack.

But what is Zero Trust? It’s a security model that adapts to the new hybrid workplace and embraces mobility and remote working. By assuming breach, Zero Trust verifies each request or what resource it accesses regardless of where the request originates. By never trusting and always verifying, it ensures every access request is authenticated, authorised and encrypted before granting access.

This identity-based approach works in the background and enables things like single sign-on. Employees can, for example, sign into their Surface device with Windows Hello, a reliable, fully integrated biometric authentication based on facial recognition or fingerprint matching. Because the Surface optimises apps, it makes it easier for employees to work together. In fact, that same Forrester study I mentioned earlier also found that 88 percent of survey respondents said that Microsoft 365-powered Surface devices had helped their employees become more collaborative.

Construction firm Willmott Dixon saw an immediate improvement in productivity when using Surface and Microsoft 365. “A lot of our architects and engineers live quite far away. We now connect with them via Teams” says Simon Wilson, Senior Operations Manager. “We’ve seen projects that have reduced design time from 12 weeks to eight weeks. That is a true saving to the project.”

A person standing in front of a computer

2.      Manage your security strategy your way

Zero Trust also helps your IT team manage your security infrastructure by combining threat protection, detection and response. Security can be managed from an easy to use control centre, protecting users, data, and endpoints. An integrated approach takes advantage of AI and automation. They take over low-level risk detection and real-time analytics to monitor and respond. This reduces chronic alert fatigue and means analysts can focus on critical alerts or higher threats.

The built-in security of Surface and Microsoft 365 makes it easy for your IT team to optimise to meet your specific needs. You can even go beyond traditional software-based policy management. Firmware configuration settings can deliver an extra level of hardware control and manageability. For example, the camera can be turned off for any device in highly secure areas to reduce risk. The built-in security of Surface and Microsoft 365 makes it easy for your IT team to optimise to meet your specific needs. You can even go beyond traditional software-based policy management. Firmware configuration settings can deliver an extra level of hardware control and manageability. For example, the camera can be turned off for any device in highly secure areas to reduce risk. Surface also benefits from three security features: Trusted Platform Module (TPM), Unified Extensible Firmware Interface (UEFI) and Device Firmware Configuration Interface (DFCI).

TPM: This military-grade security protects the keys used in authentication and encryption.

UEFI: This protects the firmware from malicious attacks. Maintained by Microsoft, so that from the time the power button is pressed to the time that the operating system boots, organisations can avoid a critical vulnerability point and be assured that the latest UEFI updates are pushed out.

DFCI: Born from the Microsoft cloud offerings and enabled fast cloud deployment and management down to the firmware and component level. Benefit for those using AutoPilot via InTune, perfect for cloud first deployment, management and end of user decommission from your IT admin. DFCI gives users freedom to work from any location while still maintaining control and security.

Microsoft Surface Enterprise Management Mode (SEMM) is a feature of Surface devices with Surface UEFI that allows you to secure and manage firmware settings within your organization. With SEMM, IT professionals can prepare configurations of UEFI settings and install them on a Surface device.

While these make it easy for your IT team to manage, a compliant organisation often hears from employees that security measures make it harder for them to access the tools they need to work. When you have built-in security, you can ensure pain-free access without compromising the employee experience. A biometric single sign-on such as Windows Hello can make it faster for your employees to log in. Additions like multi-factor authentication can also reduce credential attacks by 99 percent.

The Department of Work and Pensions (DWP) actively serves 25 million British citizens. Their cloud-first strategy allows them to be more agile and efficient. As a result of this approach, they are less reliant on expensive and hard-to-maintain on-premise infrastructure and are able to scale with the demands of business. By pairing this approach with Surface devices, they’re ensuring advanced security standards are applied from chip to cloud. “We’re making sure our solution covers all these security standards without limiting user experience,” says Nava Ramanan, Workplace Computing Lead Technical Architect at DWP.

3.      Minimise risk and reduce costs and complexity

A person on a Teams call on a Surface device. Zero trust security makes it easier to be productiveWith the right tools and devices it is possible to increase security and productivity while reducing costs and complexity. Surface powered by Microsoft 365 improves enterprise security by reducing both the number of security breaches and remediation costs—all without impacting workforce productivity or the employee experience. Forrester found that the number of annual breaches was reduced by 50 percent per year by using two-factor authentication, Advanced Threat Analytics, and Surface Enterprise Management Mode (SEMM).

By integrating new agile methods of device deployment and management, you can improve IT efficiency while reducing overheads. When combining Surface with Microsoft AutoPilot and Windows 10 Pro, IT teams saved four hours per device deployed.

As a local government, Warwickshire County Council is under increasing pressure to make resources go as far as possible while maintaining and improving services for its community. They made the bold decision to reduce costs by going from a combination of eight different devices to just one. They deployed Windows AutoPilot to optimise their IT team and ensure staff could start working straight out of the box.

“In just three months we migrated 4,500 staff to Microsoft 365 and Surface Pro. And less than one percent of users raised any issue with that at all,” says Craig Cusack, Assistant Director for Enabling Services.

Keeping workforce productivity at the heart of your security strategy

When you integrate your devices, apps and cloud security provisions, based on a Zero Trust principle, you can drive a highly orchestrated, centrally managed security solution. This makes it easier for your IT team to manage and deploy. It also embraces productivity and collaboration to ensure your employees stay secure and working at their best, even when remote.

UK law firm Shakespeare Martineau rolled out Surface devices to pair agility and freedom with improved end-point security, flexible productivity and practicality. In the end, it did much more, including improving morale, productivity and reducing downtime. They also saw an increase in billable hours and enhanced client satisfaction.

“Microsoft Surface complimented our strategy and was the device of choice to support our positive passionate people. The product is very good – in style, different ways of working and real performance – and it gives our staff the agility and freedom to work in a way that suits their lives whilst maximizing productivity and effectiveness,” says Dal Virdi, IT Director.

This also has the advantage of doing more with less. Implement new agile ways of working with a standardised portfolio that optimises the software and apps you run. Not only will this encourage your employees to work better together, but you’ll also benefit from improved efficiency and reduced overheads. That way you can spend more time innovating and delivering a great experience for the customers you support.

Find out more

Security and Endpoint Management with Surface: Surface for Business

Visit the website: Reimagine security and risk management

Download the eBook: Modernise your endpoint security strategy

Resources for your development team

Read the blog: Data security and encryption best practices

About the author

Chris, Lorigan a man in a black shirt smiling at the camera.Chris is Surface for Business product portfolio lead for Microsoft in the UK. As the owner of the UK product proposition, Chris enjoys understanding business challenges and bringing together product propositions that empower individuals and businesses to achieve their business objectives. With over 13 years of experience in hardware technology, Chris has held a number of roles in Product Management, Marketing and Sales across the industry in the UK and abroad.