Are You Prepared for a Hybrid Way of Work? LogMeIn Exec Offers Tips.Ramon Ray
It’s been over a year since the COVID-19 pandemic forced organizations around the world to shift to remote work, creating some of the most significant challenges ever for the IT and cybersecurity industry. Overnight, employees had to rely on their own devices while IT and security leaders rushed to provide makeshift network access methods, advance their technology and scramble to protect their data and end users.
After a year of insight and takeaways from what is arguably the world’s largest experiment in remote work, both employers and employees have realized that the model is feasible – and in many cases, preferred. In fact, 97% of workers don’t want to return to the office full-time, but many still want to have access to an office or co-working space.
So, what does this mean for the SMB workforce? How will organizations tailor their return to the office for the new hybrid work world?
Shifting priorities for a new remote environment
A hybrid work environment has been taking shape for the past few months, and it is expected to become the norm as many businesses reopen their offices. Organizations are preparing to provide the flexibility employees desire, while maintaining the utmost productivity and security for their business.
Effective ‘anywhere’ work programs require meaningful investments, which cannot be implemented overnight. Since the pandemic drove businesses to the home office, we have seen how organizations have taken their digital transformation to the next level. However, this rapid shift into a remote environment also revealed many challenges to secure their resources.
Steps To Consider
As we revisit, test and fine tune policies, processes and technology to improve business continuity plans and enhance how we approach the hybrid work world, there are several key steps organizations should take into consideration:
- ‘Collaboration’ is more than one app. Productivity continues to be one of the primary goals for businesses of all sizes. No matter where employees are based, they need to be able to communicate efficiently and collaborate effectively to maintain business operations. With the shift to remote work, many organizations opted for cloud-based applications that provided the benefits of feeling connected with the ease of deployment and user experience that teams needed. Now, those one-click set up options need to also provide industry-standard security protocols for encryption and authentication to ensure any type of corporate information stays within the teams that should have access.
- The corporate perimeter is now everywhere employees are. Remote work has broken down the walls of the traditional corporate perimeter. Employees are now leveraging their home networks to do their jobs. Yet, in doing so, new challenges have been introduced like unguarded end points that threat actors can take advantage of. To better defend against security threats such as shadow IT, phishing and credential stuffing attacks, IT and security teams must ensure basic security best practices, like proper password management, are mandated. It is also critical to revisit processes and policies for data sharing and endpoint security.
- Ensuring secure access, anywhere. Multiple applications and tools were implemented during the transition to remote work, some of them without considering the implications to the broader security environment. As complexity became greater, and threats continue to evolve targeting at home workers, authentication technologies are becoming an essential part of improving security both for the organization and its users. Multi-factor authentication helps IT verify that the user logging in is legitimate, which is particularly important when every employee logging in is outside of the traditional corporate perimeter. Identity and access management tools are quickly gaining traction with organizations of all sizes, as it allows teams to scale up and down as needed and for the IT team to be as hands off or on as they need in order to manage details and enforce access policies for the full set of employees.
- Don’t forget about physical security. A return to the office also impacts physical security and should not be forgotten. With lots of new faces of remote hires and excitement to be back in a social setting, SMBs need to be ever more security centric in the workplace. You have to remember; most new hires have only interacted with their teams and other employees may not be familiar with seeing their faces in the office. Tailgating is a physical security breach in which an unauthorized person follows an authorized individual to enter a typically secured area, such as the office. Security awareness programs and communications will help employees know how they can help keep the company secure by taking simple actions like asking to see an employee’s badge before they let them into the building or locking their computers when they walk away from their desks.
Taking the cybersecurity lead
Today, leaders all over the world continue to battle the increased cadence of threats as attackers continue to exploit the remote work environment. Unfortunately, the basics of cybersecurity continue to be one of the main reasons why users struggle to keep their information secure.
Remote work and strong cybersecurity aren’t mutually exclusive. In fact, a well-planned, well-executed cybersecurity strategy will make remote work easier to support. Employees will be poised to enjoy more of the benefits of remote work, while IT is able to minimize any added risks. Since remote and hybrid work are here to stay, IT leaders should invest now in upgrading or adding security technologies that make remote work safer and more productive.
Ian Pitt serves as Senior Vice President and Chief Information Officer at LogMeIn. In this role, he is responsible for Cyber Security, Governance, Corporate IT, Business applications and Product Operations for the global company. With more than 20 years of experience leading business process management and optimization, industry compliance/governance processes and cyber security, he joined the company in 2016. Prior to joining LogMeIn, Ian has held a number of CIO and CTO roles in transformational companies and has lead On-prem to SaaS conversions of products and industry solutions teams on a global basis.