Security Resilience in the Americas
July 6, 2022
How Melissa Tan does it all while protecting the planet
July 8, 2022

Securing the modern workplace

Since early 2020, nationwide lockdowns and movement restrictions have given rise to spontaneously set-up home offices, powered by digital platforms and technology. Now, two years down the road, one thing is clear – hybrid is the future of work. The collective experience of the past two years has fundamentally changed how we perceive and define the role of work in our lives.

For a successful shift to hybrid work, we realized that a key factor is to embrace the “hybrid paradox,” in which people want the flexibility to work from anywhere, but simultaneously crave more in-person connection. Microsoft’s annual 2022 Work Trend Index supports this, as the report found that employees worldwide now have a new “worth it” equation. In Malaysia, 58% of employees say they are more likely to prioritize their health and wellbeing over work than before the pandemic.

A contributing factor to this shift is the accelerated adoption of technology in the way people work. While digital adoption has vaulted five years forward in a span of eight weeks according to McKinsey & Company, on the other end of the spectrum, we also hear and observe rising concern for cybersecurity.

Understanding cyber risks

Now more than ever, cybercriminals are taking advantage of the changing work environments and possibly weakened security capabilities in a remote work setup.

Microsoft’s Digital Defense Report 2021 found that the past year has recorded a burgeoning cybercrime economy. This has grown in both complexity and fervency, and we’ve seen cyber criminals employ increasingly sophisticated methods, whilst continuously escalating their activity since the start of the pandemic.

In fact, Malaysia’s Home Minister Hamzah Zainudin shared that around 13,000 cybercrime cases were reported in 2019, involving losses of RM539 million. The number rose to 17,000 cases in 2020 and last year, the number of cases increased to more than 20,000, with total losses estimated to be at approximately RM560 million. Between January and February this year alone, there were already 3,273 cases reported involving losses of RM114 million.

The impact of cybercrime is not limited to theft and damage to intellectual property and breaches to personal or financial data. A research by Cybersecurity Ventures indicates that it can also lead to productivity loss due to disruption to the normal course of business, and possibly even financial loss and reputational harm to the organization. On a more severe and larger scale, a cyberattack could even disable the economy of an entire country.

Zero Trust strategy

Microsoft’s cybersecurity ethos is built on the principles of Zero Trust—an essential security strategy for today’s reality. Zero Trust is a proactive, integrated approach to security across all layers of the digital estate that explicitly and continuously verifies every transaction, asserts least privilege, and relies on intelligence, advanced detection, and real-time response to threats.

Now more than ever, cyber risks cannot be treated as something that only IT and security teams manage. Criminals, whether in the physical or digital worlds, seek to exploit any opportunity that exists, so while recovery solutions are crucial to have, everyone has the responsibility to safeguard against these emerging threats – and it’s not just smaller and under-resourced organizations that are at risk, large and well-equipped organizations are also vulnerable.

With the continued hybrid work arrangement, it is imperative for organizations to adopt infrastructure and industry best practices that can enable a more secure work environment with minimal disruptions to the workforce’s productivity.

An example to cite here is how local telco giant, Axiata Group Berhad (Axiata) fine-tuned its security practice by replacing passwords with biometrics for its internal authentication among employees. By embarking on Microsoft passwordless solutions through Windows Hello for Business, Axiata uses facial recognition or fingerprint matching to verify the identity of each employee. It then blends this with Azure Active Directory while leveraging Microsoft Defender for Endpoint to create a unified security posture that enables its mobile workforce to authenticate access even while they’re on-the-go.

A combination of biometric and multifactor authentication has not only enhanced security for Axiata, but also nurtured a greater sense of awareness on cybersecurity as users are required to provide a second proof of identity. In fact, this resulted in a 12 percent reduction in password-related help desk tickets for the telco conglomerate, offering better access to information with greater barriers to cyber threats.

Importantly, by adopting these security practices, Axiata’s workforce of more than 12,500 employees are now empowered to make better decisions and reduce risks of credential harvesting by bad actors. The streamlined security systems also offer a productivity boost to employees, who can now seamlessly sign in their devices and get work done at anytime from anywhere, with a peace of mind.

As more businesses and organizations shift to hybrid work, Microsoft is strengthening user trust in technology by helping protect the digital ecosystem. At Microsoft, we are committed to empowering businesses and organizations across the private and public sectors with the best tools they need that will help protect and secure them.