Businesses across the globe have moved their teams to remote working in response to the COVID-19 pandemic. The transition of IT systems and devices out of the office and into the homes of employees has generally been relatively smooth. But with technology working and most of us adjusted to this new way of working, the question is: what comes next?
It’s becoming increasingly obvious that organizations should now be preparing for a more sustained period of remote working and consequently you need to ensure that your IT strategy, technologies and policies are as robust and secure as possible.
But to do this you first need to understand the risks. By taking the time to review and consider the following questions around technology, security, people and processes, you can ensure your remote workforce can operate securely and to its full potential throughout the lockdown and beyond into the “new normal” that we’re all living by now days.
If there’s anything that’s risen to the forefront in this current crisis, it’s the critical role that technology plays in connecting teams remotely and helping organizations to operate business-as-usual.
You may have equipped your team with the necessary equipment and software to carry out their daily work remotely, but there may be other factors outside of your control that have an impact. For example, if their home internet connection is slow or unreliable it will greatly reduce their productivity, so what additional steps can take to make improvements. Here you should be asking:
- What new systems, software or devices do you now need to enable your employees to continue to work as effectively as possible remotely? Are there any technology issues that may slow down productivity? For example, do you know how reliable your employees’ internet providers are? Do you need more capacity or resilience to cope with sustained homeworking?
- What applications or systems might employees, or their family, be using, outside of the organization’s control, in a home environment?
- What devices are being used? Company-owned or employee-owned or both? Do you have full visibility? You should have a central view of all the work assets that are now in employees’ homes but if employees are using their own devices, then do additional security measures now need to be implemented?
Processes and policies
Data protection and compliance remain vital, regardless of where staff are working. This becomes more of a challenge in a fully remote environment and even though many organizations have already migrated to cloud solutions which may help address the issue, it is now time to think this through properly. In this environment you need to be asking:
- Does my organization still meet compliance requirements in this new environment?
- Do I have the right policies in place, and do they need updating? For example, is my BYOD policy still fit for purpose or does it need to be revised to deal with the current situation?
- Does the processing of personal data remain in accordance with data protection law and company policy in the new environment? It isn’t just electronic data you need to consider. What about physical documents held away from the office?
Each time a new way of accessing data is created, it puts that data at greater risk. This risk is intensified with remote working as your organization’s perimeter is now highly distributed making it harder to control access to data and know if, when and how data is breached. It’s now more helpful to think about securing the application and its data, rather than a place or a specific device.
You need to make sure you fully understand the new security risks facing your organization. Here the main questions to consider are:
- How are employees now accessing systems? On what devices and on what networks? Any home devices or networks are unlikely to have the same level of security, e.g. they won’t have multiple firewalls or may be used on unsegregated networks that are shared with other family members. Do you need to consider providing a separate work broadband line if an employee doesn’t have a solid and secure internet connection?
- Do further controls need to be implemented to safeguard data security? Remote working will increase the likelihood of data breaches or leaks, such as offline copies of documents or uncontrolled versions – how will you mitigate this?
- Do you have the right risk management frameworks or solutions in place? Consider implementing solutions such as monitoring software for data leak prevention, two factor authentication and network access control.
The final area to think about is your people and whether you have the right support and technical expertise to maintain your remote working capability long-term? Alongside this you should be asking:
- Is your team equipped to deal with the influx of user issues that will arise from working from home? Do you need more support, either internally or from a third party?
- Are all the necessary staff fully trained and aware of best practice for working from home? Do you need to put in place more testing or training?
- How can your organization make any required changes to IT when everyone is working remotely? Again, do you need to work with third-party providers for support?
As we enter the next phase of remote working, it’s important to use this period as an opportunity to strengthen remote working practices and safeguard your business.
Getting these security measures in place right now will position your organization well for the long-term – especially if we are required to carry on remote working after restrictions are lifted.
Adaptive Information Systems was founded with the mission to help businesses get the most out of their technology investments. Are you looking for great Monterey technology company? We are ready to manage your IT needs so you can focus on running your business.