There are many advantages of an intranet, from secure hosting of company policies and important documents, to employee engagement and nurturing interaction between colleagues. When seeking new intranet solutions or a new internal communications platform, a concern that is often mentioned at the beginning of the process is that of security.
Three levels of intranet security ownership
Intranet security can generally be managed at three levels; company, admin and user level. Permission-based access is one of many advantages of an intranet that makes considering one for your company a great idea!
Advantages of an intranet at the company level
The company level is usually managed between the intranet provider and the IT or technical team that manages company device access and security. Whichever platform you choose to build your intranet on, the provider should apply intranet security best practices to ensure that data is kept safe through cloud hosting, adhering to your organisation’s privacy and compliance requirements.
Another advantage of intranet security is the authentication required for users to login. Employees will only be able to access the intranet once they have been authorised. This can be managed through Single Sign-On (SSO) which allows user authentication in your own organisation’s systems without requiring them to enter additional login credentials. SSO maintains a user-friendly employee experience while keeping system access safe and restricted only to employees.
Sometimes, when working with external parties, suppliers or clients, the lines of security can become confused. Eradicate ambiguity and ensure all exchanges of documents and data are done via a secure portal such as an extranet that is linked with your intranet, whether you’re at a desk or on-the-go.
How is an intranet secure at the admin level?
Not all of your employees will require the same levels of access. It is most likely that there will be an individual or a small team who manage the day-to-day running of internal communications, and therefore, the administration of the intranet.
The second level of intranet security applies to colleagues who will be managing the ‘back end’ of the intranet and will need special administrator permissions to be able to create new pages or build new content areas.
By having a manageable number of people listed as admins, it is easier to track and manage any updates to the intranet, and just as importantly, manage who can see specific updates, as not everything will be relevant to everyone. For example, a Parental Leave Policy could be applicable to all employees, but a Recruitment Policy may be only relevant to HR colleagues and team managers.
One of the many advantages of an intranet is curated feeds, and to enable this we can segment colleagues based on which content is relevant to each group, whether it is a project team, a department or a committee. When your company asks, is an intranet secure? You can reassure them that administrators can add or remove visibility for individuals and teams to pages, content areas and menu items, such as the addition of hubs and communities so you have control on who sees which content This not only improves employee experience by avoiding clogged feeds but ensures that people only see what is relevant to them; users are less likely to come across information that is not intended for them, such as business strategies or financial information.
Intranet security best practices at the employee level
Employees can have access to any areas granted to them by the admins, and the ‘employee’ view is what most users would see upon login. In line with your usual company policy, it can be reiterated to employees that the intranet is solely for use by colleagues and login information or content shared on it should not be shared externally without permission from an admin or management.
You can provide initial training for new starters or new intranet users so that they understand how it works and how they can engage with it, increasing the security of your intranet with everyone following best practice guidance. For example, encourage the sharing of company social events on an internal social feed via your secure intranet, rather than asking employees to post on their personal social media accounts.
It can also help to have a formal policy for intranet security best practices including the limits on what should (or should not) be shared, and where. This can protect employees’ personal information or circumstances, and prevent issues arising with HR.
We practise what we preach when it comes to intranet security
Oak is built on Microsoft Technologies and hosted on Microsoft Azure which is one of the most trusted and secure cloud platforms in the world. All Oak data is hosted in the same place you would find all of your SharePoint and Microsoft data. Our ISO 27001 and Cyber Essentials Plus certifications also demonstrate our ongoing commitment to implementing the highest standards of information security.
We understand that your data can be sensitive and you need it to be kept as safe as possible. To be sure that we provide optimal intranet security for all our users around the world, we use location based servers to keep your data within the localised area to comply with security needs as well as DPA and GDPR regulations.
We can talk you through the advantages of an intranet and how secure our product is via a free demo. Click below to register your interest with our expert team and we will be in touch to demonstrate our intranet solutions to you.