Success stories

Our customers come in all shapes and sizes.

We work with organisations from all walks of life, with different ambitions and requirements. Explore how we’ve helped them reimagine everyday, and align technology with their culture and business goals.

Microsoft 365 Business Standard vs. Premium: Discover what’s right for your business

What's best for your organisation? Microsoft 365 Business Standard or Microsoft 365 Business Premium? Here we explore the features of each product to help you decide.

View case study >

Microsoft Intune integration makes BYOD more secure

A recent update to Microsoft Intune is set to increase mobility and productively as more organisations, and their employees, can use BYODs securely. Find out how here.

View case study >

BYOD risks, and how to mitigate against them

What are the BYOD risks and how can you increase mobility while protecting your people, organisation and data? Find out here.

View case study >

Azure AD and Microsoft Intune. Using the cloud to modernise enterprise mobility

In the modern workplace employees are increasingly dependent on mobile devices to complete daily work tasks, but with these demands come unique security challenges. Whether providing corporate devices for your users or allowing them to use their own, IT must manage these devices quickly and efficiently to meet the user’s needs. However, the need to ensure that the apps and data on these devices are protected is crucial. Intune enables you to manage mobile devices and mobile applications while securing your company data and only allowing approved users access. It closely integrates with Azure Active Directory (Azure AD) for full identity control and Azure Rights Management (Azure RMS) for data protection Intune provides a flexible and scalable mobility solution for your organisation across all the major platforms (iOS, Android and Windows). The primary tools that Intune offers include: Mobile device management (MDM): The ability to enroll devices in Intune so that you can configure, monitor, and initiate remote actions on those devices, such as wiping them. Mobile application management (MAM): The ability to publish, push, configure, secure, monitor, and update mobile apps for your users. Mobile application security: As a part of managing mobile apps, the ability to help secure mobile data by isolating personal data from corporate data and allowing the corporate data to be selectively wiped. If you would like to speak to one of our Microsoft consultants about Windows Intune in your organisation than please get in touch with us.

View case study >

Microsoft 365 Business Standard vs. Premium: Discover what’s right for your business

The Microsoft 365 for business suite brings together office applications, Windows 10 or 11 and Enterprise Mobility and Security. It’s a powerhouse of productivity, communication, collaboration, and security. For organisations with fewer than 300 seats, there are four licensing options when deploying Microsoft 365: Microsoft 365 Apps, Business Basic, Business Standard, and Business Premium.

Microsoft 365 Apps and Business Basic are the cheapest options but lack many features, which is why for most organisations Microsoft 365 Business Standard or Premium is the best fit.

Here we compare both products so you can decide what’s right for you.

Do you already subscribe to Microsoft 365 and want to know if your organisation is on the right plan for your requirements? Our free Microsoft 365 Licence Health Check explores your licence usage and adoption, and makes recommendations if there’s a better way to get the services you require. Learn more here >

Microsoft 365 Business Standard

A Microsoft 365 Business Standard licence includes Windows 10 or 11, with access to mobile, web and desktop office applications (Word, Excel and PowerPoint), as well as a suite of cloud services for collaboration and communications (Teams, Exchange, OneDrive and SharePoint). Business Standard users are protected with standard security and compliance features. It also includes some lesser-known applications, such as Microsoft Forms, Lists and Bookings, which can improve many business processes.

Microsoft 365 Business Premium

Microsoft 365 Business Premium is the most feature-rich Microsoft license for businesses under 300 seats. Business Premium includes all the features in Business Standard, with additional advanced security features. These include the use of Intune, Azure Information Protection, and Microsoft Defender (soon to be Microsoft Defender for Business).

Intune

Microsoft Intune is a cloud-based mobile device management (MDM) and mobile application management (MAM) service. It allows businesses to control how devices, such as mobile phones, tablets and laptops, are being used. It is also possible to configure policies for specific applications on a device.

The use of Intune can reduce the risk associated with shadow IT, BYOD programs, and enable efficient update and patch management. As hybrid work and remote work has become commonplace it is increasingly important to be able manage employees’ devices. With employees working away from the office, IT teams have less visibility over individual devices, which increases the chance of a cyberattack.

Azure Information Protection

Azure Information Protection (AIP) is a cloud-based service that allows businesses to discover, classify, and protect documents and emails by applying labels of the content. With efficient use of AIP, businesses can strengthen their security posture by setting limits on documents and users’ actions within a document.

The use of AIP enables businesses to have more granular visibility over where content is being distributed and how it is being used. This prevents illicit modification and distribution of data, solves the challenge of unauthorised individuals viewing sensitive content, and helps businesses meet regulatory data protection and compliance standards.

Microsoft 365 Defender / Microsoft Defender for Business

Microsoft 365 Defender is a security solution that uses AI to automatically analyse threat data across Microsoft 365 to build a picture of each attack within a single dashboard. This technology can stop attacks before they happen by reducing the attack surface and eliminating persistent threats.

In November 2021, Microsoft announced a new security solution that will be available within a Business Premium licence, Microsoft Defender for Business. This solution brings enterprise-grade capabilities to businesses under 300 seats with next-generation protection, endpoint detection and response, threat and vulnerability management, and more. This new addition provides even more value to a Business Premium licence.

Which Microsoft 365 licence is right for your business?

The key differences between Microsoft 365 Business Standard and Business Premium are the security features. Although Business Standard has all the communication, collaboration and productivity features to empower your employees to do their best possible work, it does not offer any advanced protection over these applications. This lack of protection increases the risk of a data breach or other cyberattack.

Over the past two years there has been a substantial increase in the number of businesses falling victim to a variety of cyberattacks, most commonly, ransomware. Microsoft Defender for Business, along with the other advanced security features reduces the chance of your business falling victim to such an attack. Similarly, if your business has remote or hybrid employees, the addition of Intune makes it easier to manage employee devices, regardless of where they are located. For all businesses, we recommend having a conversation with one of our team to ensure that your business makes the right decision when purchasing a Microsoft 365 license. Contact us today and we will be happy to help.

Microsoft Intune integration makes BYOD more secure

Microsoft Intune, the mobile device management (MDM) solution, has been a key enabler of the BYOD revolution for many organisations.
Increasing mobility and making it easy for employees to access corporate applications, resources and data from their own device wherever they’re working.

While enterprises may provide their staff with corporate–owned devices, the BYOD (Bring Your Own Device) trend has also levelled the playing field somewhat for smaller organisations, allowing them to reap the benefits of a mobile workforce.

Find out more how Microsoft Intune supports mobile and remote workers here.

However, BYOD increases the risk of threat of cyber attack so to protect organisations from malware and other security threats, most mobile device management solutions require the BYO device to be enrolled and managed. This is not always popular with employees. In fact some organisations with rigid BYOD mobile device management enrolment policies, find that employees either avoid using their personal device for work or use their own productivity tools, not the organisations.

Until now.

Mobile threat defence now available for unenrolled BYODs

In a blog post released during its Ignite conference, Microsoft announced that it has integrated third-party mobile threat defence (MTD) solutions with Intune. This means that organisations can now block access to corporate apps and systems on unenrolled BYODs that are identified as a risk. Microsoft said:

“Microsoft Intune can integrate data from mobile threat defence (MTD) partners as an information source for device compliance policies and to evaluate Conditional Access rules based on device risk. By blocking compromised mobile devices from ability to access corporate resources like Exchange and SharePoint, this information helps organizations protect the modern workplace against device-based attacks.”

How does this impact our clients?

For clients already using Intune, this update means that employees can use their BYOD without enrolling and the business can avoid purchasing additional mobile threat defence solutions. Similarly any organisation looking for a MDM solution for the first time will find that Microsoft Intune is, currently, the only MDM that offers this capability as part of its solution, extending the zero-trust security perimeter to all protected users.

Initially, Microsoft plan to enter the mobile threat defence marketplace through integration deals with third-party MTD partners; Lookout for Work, Better Mobile and Zimperium. However, we wouldn’t be surprised if Microsoft develops its own MTD solution in the future.

To find out more about Microsoft Intune click here.

Trends to watch in the modern workplace

It’s not just remote and mobile workers that might benefit from a corporate BYOD policy and Microsoft Intune. For many employees, particularly Millennials and Gen Z, a mobile is their preferred device. Even people who are desk-based often find it beneficial to work on both their mobile and desktop, optimising their performance by switching between the best mobile and desktop apps for the task in hand. Microsoft Intune can help increase productivity for these workers as well as those offsite.

If you would like to discuss increasing mobility and productivity, empowering employees with BYOD policies and protecting your corporate systems with MTD solutions, please get in touch.

BYOD risks, and how to mitigate against them

Bring Your Own Device (BYOD) is a relatively recent trend (c. 2009) in behaviour where employees use their own mobiles, iPads, and laptops at work, for work. The drivers for BYOD are often to do with convenience but also because the technology individuals own is often more advanced than the hardware your average IT department would deploy. Many IT departments struggle to keep right up to date with every aspect of the latest technology, and an ever-increasing amount of people (e.g. millennials) are now more likely to be IT ‘self-sufficient’.

While in some industries BYOD has been common practice for some time, in others it’s only just gaining traction. This is causing business leaders, information security professionals and IT support a few sleepless nights. While there are clear benefits for promoting BYOD working for most companies and organisations, there are also risks that can have serious implications for IT security, data protection and compliance.

Benefits of BYOD

There are plenty of upsides to BYOD. It can bring employees increased satisfaction through better and easier access to corporate data, emails, and grant the flexibility they need to use the Cloud to get work done; particularly when working remotely.

Likewise, for an employer, BYOD can bring a subsequent increase in productivity, as well as reduced hardware costs, licencing fees and resource needed for carrying out maintenance.

However, it could be argued that the sheer number of downsides relating to BYOD mean that your business or organisation could be allowing additional risk factors into your corporate infrastructure.

What are the biggest risks of BYOD?

Here, we look at the key risks organisations should be aware of when it comes to BYOD:

1) No BYOD policy exists

Perhaps the biggest risk factor of all. All organisations should have a BYOD policy in place to protect themselves against being exposed to an attack through, for example, a virus or a hacker – both of which could lead to both financial or legislative penalties and reputational damage. An effective BYOD strategy will enable your IT department to secure both the devices and the data.

2) Complex security issues

Security issues will often clash with the overall convenience BYOD can bring. These include:

Data loss through physical loss or theft of the device, or through ‘cross contamination’, where corporate data may be accidentally deleted due to the fact it can be so intertwined with the user’s personal data.
Data leakage through the device not being adequately secured
Local exposure – where data being transmitted is not subject to the right controls
Public exposure – unacceptable use of a personal device by a family or friend, or a vulnerability through public Wi-Fi usage and connecting to personal networks – including the use of Bluetooth.
Malicious and rogue apps – downloaded to a personal device and not pre-approved / controlled by IT to protect the user.
An increased vulnerability to insider attacks due to the inherent use of an organisation’s local area network.

3) Definite privacy issues

Due to the fact that employees’ BYODs will naturally be accessing a number of different platforms, servers and networks during the course of a working week, their employer could also legally access them.

It can all seem a bit ‘Big Brother’ when you start to realise that your organisation has the potential ability to read private emails, messages, and access other personal data. There’s a fine line, though most experts agree that employers aren’t really interested in individuals’ personal lives; they just want to ensure that company data and systems are effectively secured.

How do you counteract the risks caused by BYOD?

The ideal scenario for both employees and the organisation is that your IT department has secured all organisational and employee-owned devices appropriately, that mobile applications have the right controls applied, and that corporate and personal data is not subject to leakage or security threats.

Underpinning this is the presence of:

A comprehensive BYOD policy, including pairing solutions which work well together in tandem, such as Next Generation Network Access Control (NAC) and Mobile Device Management (MDM) for example
Your IT capability extending to 24/7 monitoring to identify potential threats – with the ability to respond to any incidents ‘intelligently’ through disaster recovery and back-up procedures
IT solutions which embody rules which are practical, yet not too intrusive. This could include the ability to remotely wipe data, or device tracing (e.g. in case of theft or loss)
An effective Data Loss Prevention (DLP) strategy which is built with effective rules to ensure that commercially sensitive data is not sent outside of the internal network

Occasionally, you may come across a ‘rogue’ employee, who either pays no mind to general policies and conduct rules or just thinks that they simply know better. Effective internal training to upskill and educate staff on topics such as data security, identity fraud and cybercrime can work wonders in turning behaviours like this around.

Successfully mitigating against BYOD risks means that your workforce will ultimately benefit from gaining increased working mobility and flexibility, and your business needs not fear its IT security being compromised via BYOD.

To find out more about how we’ve supported clients with their BYOD policies, read our case study on Dutton Gregory. This solicitors firm needed to give their partners and staff the ability to work remotely from different sites, but also balance compliance regulations and their clients’ concerns over data protection. We enabled them to get the benefits of a more mobile workforce and BYOD, without compromising sensitive data. Read our case study here.

Azure AD and Microsoft Intune. Using the cloud to modernise enterprise mobility

In the modern workplace employees are increasingly dependent on mobile devices to complete daily work tasks, but with these demands come unique security challenges.

Whether providing corporate devices for your users or allowing them to use their own, IT must manage these devices quickly and efficiently to meet the user’s needs. However, the need to ensure that the apps and data on these devices are protected is crucial.

Intune enables you to manage mobile devices and mobile applications while securing your company data and only allowing approved users access. It closely integrates with Azure Active Directory (Azure AD) for full identity control and Azure Rights Management (Azure RMS) for data protection

Intune provides a flexible and scalable mobility solution for your organisation across all the major platforms (iOS, Android and Windows).

The primary tools that Intune offers include:

Mobile device management (MDM): The ability to enroll devices in Intune so that you can configure, monitor, and initiate remote actions on those devices, such as wiping them.
Mobile application management (MAM): The ability to publish, push, configure, secure, monitor, and update mobile apps for your users.

Mobile application security: As a part of managing mobile apps, the ability to help secure mobile data by isolating personal data from corporate data and allowing the corporate data to be selectively wiped.

If you would like to speak to one of our Microsoft consultants about Windows Intune in your organisation than please get in touch with us.

Cloud Business Limited
5 Elmwood
Chineham Business Park
Basingstoke
RG24 8WG

01483 939 087
hello@cloudbusiness.com

Cookie	Duration	Description
__cfruid	session	This cookie is set by the provider Cloudflare. This cookie is used for load balancing and for identifying trusted web traffic.
__hssrc	session	This cookie is set by Hubspot. According to their documentation, whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
__RequestVerificationToken	session	This cookie is set by web application built in ASP.NET MVC Technologies. This is an anti-forgery cookie used for preventing cross site request forgery attacks.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
elementor	never	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.
JSESSIONID	session	Used by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests.
MS0	30 minutes	No description available.
MSFPC	1 year	No description available.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__hstc	1 year 24 days	This cookie is set by Hubspot and is used for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
__lotl	5 months 27 days	This cookie is set by the provider Lucky Orange. This cookie is used to identify the traffic source URL of the visitor's orginal referrer, if there is any.
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_lo_uid	2 years	This cookie is set by the provider Lucky Orange. This cookie shows the unique identifier for the visitor.
_lo_v	1 year	This cookie is set by the provider Lucky Orange. This cookie is used to show the total number of visitor's visits.
_lorid	10 minutes	This cookie is set by the provider Lucky Orange. This cookie is used to identify the ID of the visitors current recording.
hubspotutk	1 year 24 days	This cookie is used by HubSpot to keep track of the visitors to the website. This cookie is passed to Hubspot on form submission and used when deduplicating contacts.

Cookie	Duration	Description
ANONCHK	10 minutes	This cookie is used for storing the session ID for a user. This cookie ensures that clicks from advertisement on the Bing search engine are verified and it is used for reporting purposes and for personalization.
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
MUID	1 year 24 days	Used by Microsoft as a unique identifier. The cookie is set by embedded Microsoft scripts. The purpose of this cookie is to synchronize the ID across many different Microsoft domains to enable user tracking.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.

Cookie	Duration	Description
_gd1624628211813	session	No description
AADNonce.forms	session	No description available.
CONSENT	16 years 6 months 6 days 10 hours 23 minutes	No description
DcLcid	3 months	No description available.
GetLocalTimeZone	session	No description
lfuuid	9 years 7 months 6 days 10 hours 24 minutes	No description available.
MC1	1 year	No description available.
SM	session	No description available.
SRM_B	1 year 24 days	No description available.
yt-remote-connected-devices	never	No description available.
yt-remote-device-id	never	No description available.

Success stories

Microsoft 365 Business Standard vs. Premium: Discover what’s right for your business

Microsoft Intune integration makes BYOD more secure

BYOD risks, and how to mitigate against them

Azure AD and Microsoft Intune. Using the cloud to modernise enterprise mobility

Microsoft 365 Business Standard vs. Premium: Discover what’s right for your business

Microsoft 365 Business Standard