Katz/Pierz, a leading employee benefit advisory and management firm in Cherry Hill, NJ, partnered with Ancero to move their data and applications to the Microsoft Azure cloud platform just before COVID-19 hit. When stay-at-home orders were issued and employees began working remotely, Katz/Pierz was able to make the change without missing a beat.
Recognizing how cloud solutions enable a seamless shift to remote working while strengthening security and compliance, Katz/Pierce invited Ancero to lead a recent webinar for its clients. During this webinar, we discussed common compliance challenges associated with remote working, as well as security best practices, how Microsoft Azure solves compliance challenges, and the importance of working with the right cloud solution provider.
Compliance Challenges When Working Remotely
The coronavirus pandemic sent people to work from home with little warning. Many organizations weren’t prepared for the sudden change and didn’t have time to determine their readiness in terms of compliance.
Are employees using home computers? Do those devices have advanced anti-virus and anti-malware protection? Is data being backed up? Is data being securely stored and shared? Is data being stored on employee devices? Are devices used for work being shared with other family members? Is company data being stored with personal data?
The fact is, when you’re working from home, you don’t really have a dedicated connection. You’re essentially sharing that connection with your neighbors. It’s only as secure as you make it. Also, IT teams often struggle to manage home IT environments. If they can’t “see” your devices, data, and applications, they can’t monitor activity and keep them secure.
Security Best Practices
There are four key components to ensuring security and compliance while working remotely.
- Secure Remote Access: A virtual private network (VPN) is typically used to create a secure, encrypted connection between remote users and your company network, applications, and data.
- Multi-Factor Authentication: If you’ve been prompted to answer a security question or use your fingerprint after entering your username and password, you’ve used multi-factor authentication. This second layer of security makes it extremely difficult for unauthorized users to access your network.
- Company Policy. Most companies have an outdated or non-existent policy governing remote working. A documented policy should cover acceptable use (personal and company email, internet, company-owned devices, etc.) data protection (cloud backup and recovery), network access, password policies, BYOD, and other issues that directly impact security.
- Security Awareness Training. Because threats and technology are constantly evolving, your team needs ongoing, interactive training that requires users to demonstrate their security knowledge.
How Microsoft Azure Strengthens Compliance
Few organizations have the staffing and resources to keep up with regulatory compliance, which is now a day-to-day responsibility rather than an annual audit. Even fewer have the budget to make capital infrastructure upgrades every few years to implement new security tools required by regulators.
Microsoft Azure is the top-ranked cloud platform with most compliance certifications, including ISO 27001, PCI, HIPAA, SOC 1 and SOC 2, and FedRAMP. In fact, Microsoft stays ahead of cybercriminals by employing teams whose only job is to try to hack the Azure platform.
Security controls are integrated into Azure firmware and hardware, and administrators have the ability to control access to the network at the user level. Also, cloud backup and recovery are built into Azure to provide reliable business continuity, regardless of where your employees are working. Every time users log in, they’re using the latest technology protected by modern security tools.
Why the Right Cloud Partner Is Critical
Migrating workloads to Azure and configuring settings is a complex process. This is why you need to work with a cloud solutions provider like Ancero that knows how to securely and efficiently move data and applications to the cloud and comply with national, regional, and industry-specific requirements governing the collection and use of data.
When teams started working remotely in March, the challenge of maintaining compliance outside the organization was magnified. Not only have remote workers become targets, but vendors can also be a gateway for hackers to obtain sensitive data. Compliance standards must extend to vendors to ensure they have the tools and controls in place to prevent a breach.
Ancero is a Security Service and Operational Controls (SOC) 2 Type II-certified provider. This mean we’ve implemented strict security and privacy standards for handling highly sensitive customer data. These standards apply to all our facilities, business processes, and technology and have been validated by a certified third party.
The clients of Katz/Pierz demand that their private data is kept secure and that Katz/Pierz will continue to function during difficult circumstances. At the same time, regulatory bodies demand that compliance requirements are met, regardless of where employees are working.
Moving to the Microsoft Azure cloud with Ancero made it possible to Katz/Pierz to meet these demands. The cloud enables organizations of all sizes to meet evolving compliance standards without draining in-house resources or upgrading infrastructure.
If you’d like to learn more about how cloud solutions can simplify compliance as remote working continues to expand, contact Ancero today for a consultation.