Actually, businesses can enjoy both high staff productivity and WFH security. Here are some tips to achieve this balance…
Remote-working had already been a rising trend in recent years, but no one could have predicted that an event like the COVID-19 pandemic would cause entire companies to move to the digital workplace overnight.
As companies continue to refine their business continuity plans, cybersecurity has weighed heavy on the minds of business leaders as well. Yet, the technical challenges of securing a remote workforce amidst heightened cyberattacks can impact staff efficiency.
How do business leaders balance provide a positive end-user experience while maintaining their corporation’s security posture and ensuring data privacy with their remote workforce? According to Chris Konrad, Director of Global Financial Security at technology consultancy World Wide Technology, there are three major areas to consider for a secure and scalable access solution to optimize the digital workplace. Here are his views and digital workplace recommendations:
- Visibility and data privacy
Chances are your company has been utilizing a Software-as-a-Service (SaaS) solution. Though these solutions appear to be an immediate solution to remote-working concerns, companies must perform due diligence to ensure that the potential benefits are met with equally-strong security measures.
The best practice is to err on the side of caution—examine the service agreement from your vendor provider and check to see what backup and recovery services they provide. Your company should also conduct a security-posture assessment comparing on-premise workers and remote workers to ensure that the same security posturing is in place across the organization.
As companies continue their digitization journeys, they are likely changing their hardware or transitioning to software, and therein lies the risk of inconsistent security, which increases risk and operational burden. Companies should avoid purchasing tools individually as this can lead to ‘tool sprawl’, and instead work with an expert who can advise on a tailored, holistic security strategy that does not compromise productivity.
For an added layer of visibility and control of users’ applications access in today’s remote-work environment, companies can consider establishing a secure web portal that is protected by a variety of measures including Multi-Factor Authentication and Single Sign-On. With this, all applications are accessed centrally by users, and companies will be able to know exactly who, what, when, and where a user is accessing applications.
- Secure and scalable connections
Many workforces now rely on a virtual private network (VPN) to stay connected while working remotely, yet VPNs are far from an all-in-one security solution. Many companies do not ensure infrastructure changes and security requirements are in place to support effective remote work at a large scale.
In order to successfully use a VPN connection while maintaining the best possible experience for your workforce, businesses should occasionally disable unused modules and create thresholds for informative alerting. On top of that, choose your vendor carefully—ensure a good track record of the company you intend to outsource your VPN service from.
As a final step, manage the expectations of end-users, as using a VPN may result in slower connection speeds. Though this may appear to hamper productivity, it likely will not reduce overall business efficiency; the peace of mind is ultimately worth the minor inconvenience.
- End-user experience and awareness
User experience is closely tied to factors including internet connection, audio and visual quality, and availability of services—all of which can be addressed through various processes and technologies to optimize business efficiency. As business finesse the end-user experience for staff, do not forget that end users are often regarded as the weakest link in cybersecurity.
Even with security measures in place, the success of cybersecurity and remote-working arrangements boils down to the behavior and awareness of end users. Although it may take more time to transition to new arrangements, user-awareness training program are essential for staff to recognize threats and cyberattacks. The training should also cover remote-working policies and outline a plan in the case of a security breach.
A study had showed that 52% of employees believed they can get away with riskier behavior when working from home, including sending confidential files via email instead of using a more secure method of data sharing.
Businesses can also consider setting up a regular newsletter to inform employees about policy or software updates or relevant cybersecurity trends.
Striking a balance holistically
When it comes to a well-functioning digital workplace, a holistic approach that ensures all the above areas are aligned and balance will be necessary to both protect and empower your organization. This is especially true in the APAC region as it is considered a hotbed for cyberattacks.
Efficiency and security are both indispensable, and a well-developed plan will not necessitate a great compromise of either of these factors. Through your digitization journey, you will find that taking a consultative and architectural approach to remote access solutions is much more effective than focusing on stop-gap measures in the long term.