How to Prioritize Employee Experience (ESAT) While Keeping Your IT Costs Down

by | Aug 6, 2021 | IT Operations

Woman enjoying using her tablet in warehouse

Modern organizations need their technology to be just that: modern. And that also means that they need modern ways of working to be productive and competitive. Last year’s work routine upheaval (hello, barking dogs and curious toddlers) led to pretty much everyone getting a crash course in remote work. Now many companies have adopted the hybrid work model which combines office and remote work. This is commendable to be sure, but for most companies, it also brought a whole new set of pains.

Small IT Headaches, Major Consequences

The small headaches turn into one big operational migraine when employees are allowed to leave the strict security perimeter around their physical office. Then they compound again when those employees start using personal laptops instead of the office desktop computers that are managed and secured by the company. Typical headaches look like:

  • Employees having trouble accessing the tools they need.
  • Password reset support tickets multiplying at an alarming rate.
  • Access attempts from unknown devices triggering security alerts.

The real cost to the company is that employees are locked out of doing their work and it becomes an “all hands on deck” situation as resources are called in to relieve the pain on a case-by-case basis.  Productivity suffers and no real, lasting solutions are put in place. So, employees are frustrated, they become untrusting of the company’s technology, and the company is leaking money by only addressing the symptoms of the problem.

There are a few steps that any organization can take to help alleviate the pain, and Microsoft provides tools that help you do them. It’s important to note that if you’re already working with or are looking into a partnership with a Managed Services Provider (MSP), these steps should be taken care of by your technology partner. It would be wise to check with them to make sure that these are a part of their standard operating procedures.

Enable Conditional Access to Empower Your Employees

Conditional Access is a tool available to Microsoft 365 users that provides organizations with better control over protected resources, like business emails, Software as a Service (SaaS) apps like Teams, and documents stored in the cloud.

This is done by bringing together various working elements and information about the technology used. It includes understanding user identity and location, device information, and real-time evaluation of risky sign-in behavior. Then the company figures out which organizational policies must be put in place by going through a series of if-then statements.

Here’s how Conditional Access can be applied in practice to greatly improve employees’ experience:

  • A remote employee requests access to a Microsoft 365 service from her work laptop that’s connected to a secure home network. Because both the laptop and the public IP address of the network are trusted, access is granted right away. Work starts when she’s ready to start, not when IT is ready to help her start.
  • An employee working from the office has decided to access a SharePoint document using his personal tablet and present it to a potential customer in a meeting. The access request is granted, but multi-factor authentication (also known as MFA or 2FA) is required because it’s coming from a mobile device. So the employee can meet the client where and when it’s more convenient for the client, not for the company’s IT requirements.

By applying the right access controls using Conditional Access, you can make sure employees are instantly productive without any limitations while protecting your organization’s assets. For those of you interested in owning this tool, it’s available to all customers with Microsoft 365 Business Premium or Azure AD Premium P1 licenses.

Say Goodbye to Failed Login Attempt with Passwordless Authentication

Passwords are a primary attack method because employees are notoriously bad at using them properly. They create passwords that are too weak to resist hacking attempts, store them in unsafe places (is that a post-it note?), and even share them with colleagues. Worse, some share them with people they believe are their colleagues, vendors, or partners.

Thanks to tools like the Microsoft Authenticator app, and FIDO2 security keys, a Conditional Access policy that requires MFA can be completed without entering a password because:

  • Microsoft Authenticator app turns any smartphone into a passwordless authentication method.
  • FIDO2 security keys (USB, Bluetooth, or NFC devices) make phishing impossible by physically carrying a private and public key.

These passwordless authentication methods provide an excellent combination of convenience and security. And enabling them couldn’t be any easier.

Investing in Employee Experience Is Always a Good Idea

It doesn’t take much (and it certainly doesn’t cost much) to streamline your IT infrastructure and create a more consistent experience for your employees. Your reward for the little amount of work required will be a more productive and happier workforce (after all, who enjoys scrambling for their phone to send up red flags via text message when they can’t log into their machine?).

As mentioned, a solid Managed Services Provider (MSP) should have these practices as second nature when they’re working with a client that has even the most part-time of remote workers. Help Desk Cavalry is one of them. Get in touch with us so we can help you see what life could be like in a world of adaptable and successful employees. Let’s get down to business.