HR and IT Can Lead the Charge to Make Remote Work More Secure
The shift to remote work spurred by the COVID-19 pandemic has been perhaps the biggest change in business operations we’ve ever seen. When remote work transformed from something a few people did on occasion to a mandate for nearly all employees, companies around the world scrambled to scale up their resources to enable it. Many fell short, leaving employees to use personal devices to access the systems and information they need to do their jobs. That has created a gaping security hole.
But business must go on, even in times of crisis. While employees may be prevented from getting to an office for an extended period of time, they are ways they can connect to the tools they need without sacrificing organizational security. Ensuring safety while maintaining continuity requires flexible business models and workplace technologies to support strategic functions and infrastructure.
Business Is Now Personal
As employees around the world adjust to working from home, many are using whichever endpoints give them the quickest access to the resources they need to get work done. Often, this includes personal laptops, tablets, and phones. When employees access corporate resources through personal or unmanaged devices, a holistic security strategy is needed to protect against keylogging and screenshot malware.
When present on a device, keylogging malware captures each keystroke entered by a user, including usernames and passwords. Screenshot malware periodically takes a snapshot of the user’s screen, saving it to a hidden folder on the device or directly uploading it to the attacker’s server, where the information can be exploited.
While IT takes measures to ensure that corporate-owned and managed devices are secure through policy administration, regular health checks, and web filtering, workers might not take the same measures on their personal devices. It’s unlikely that they are monitoring the health of their devices at all, despite the fact that they visit popular sites that are havens for malware. So, while IT invests in security solutions, the risk of a data breach is still high because personal devices infected with malware can enter any corporate network when employees work from home.
Organizations can grant employees the freedom to work when, where, and how they want using the applications and devices of their choice without sacrificing security. Doing so requires investing in the right software security solutions to protect apps and data on unmanaged endpoints and ensure corporate systems and information remain safe.
A Joint Effort
To set employees up for success, it’s essential to provide a digital workspace that has all of the tools and data a person needs. There are a lot of best practices out there, but there’s no one-size-fits-all solution. It all comes down to designing solutions for the context of the organization. Every company — and employee — has unique requirements and needs.
Successfully enabling remote work takes more than just flipping the switch on technologies. It’s really about behaviors and strong, two-way conversations between employees and managers about what works and doesn’t work. Culture plays a huge role in adoption — and this is where HR and IT teams can step up and make a difference. CIOs must collaborate closely with their HR peers to unify their respective teams in a security-focused approach.
Employees need to understand the context for enabling remote work. Otherwise, it’s going to be difficult for them to make the adjustment. HR can set this context, while also establishing expectations and provide training on how employees can make remote operations work. For its part, IT can walk in the user’s shoes and collect feedback along every step of the user’s journey, which can then be used to shape and deliver a superior experience that enables high-caliber employee performance.
You can have the best technology in the world, but if you don’t provide employees with resources to help them make the adjustment, they won’t use it. Employee support should extend beyond instructions on how to use secure software: It should also include things like tips on setting up a home office, flexible schedules to accommodate family responsibilities, virtual office hours where employees can drop in on their managers to ask questions or just vent, and leveraging videoconferencing and chat apps to drive richer communications.
Seize the Opportunity
Within every challenge lies an opportunity, and the COVID-19 crisis is no different. Take the time now to build a culture in which your employees are empowered with the tools, confidence, and trust they need to adapt and thrive. The same investments companies are making in remote work today can help them be more agile in the future.
Indeed, this experience has opened up the aperture for technology and business leaders to really think about remote operations and the future of work. Not only can enabling secure telecommuting offer a good business continuity measure, but it can also serve as a strategic tool for attracting the right talent and activating untapped workforces across the globe in the long term. Smart IT organizations recognize this and are placing technologies like digital workspaces at the core of their business continuity plans to help manage resources in a dynamic and scalable way.
Donna Kimmel is executive vice president and chief people officer for Citrix.