Hybrid Era Challenges: Placing The Power Back Into The Hands Of The IT Department

The age of remote working has made way for the hybrid era. In February 2022, a survey by the Office for National Statistics showed that 8 in 10 workers who had to work from home during the Covid-19 pandemic planned to do so in a hybrid capacity thereafter. By May of this year, almost one in four (24%) were doing so.

As a result, the entire business security landscape has changed. Organisations face ever-growing weaknesses in the overall security of their business systems and data, and it’s a trend that’s creating increased concern. Many have even gone to the lengths of putting the onus on their employees to implement their own updates and alert them of any security concerns. However, such an approach has drawbacks that take the control away from IT departments at a time when they need it most.

Hybrid working risks

If IT departments keep security responsibilities at arm’s length during hybrid working arrangements, potential risks may enter the network unnoticed. If employees are using their own desktop computers or laptops at home, they may not proactively install up-to-date security software to protect their devices. An unsecured connection may be used to connect to the internet and locks and protections are likely to be absent, which would otherwise prevent them from accidentally downloading malicious software and applications.

It’s not just security that presents a problem. Ensuring that the right policies are in place is critical for compliance with regulations such as the General Data Protection Regulation (GDPR), with significant fines for those who fail to meet them. Where the IT department hasn’t implemented the right controls to ensure remote working employees are complying with policies, any data leakage can lead to significant consequences. Something as simple as a customer’s personal data being copied and pasted onto an employee’s personal laptop can be a breach. Humans are typically the main cause of data breaches, highlighting the importance of intervention.

Applications at the end-of-life or end-of-support stage will also be more vulnerable to cyber-attack. This complexity increases when organisations take it upon themselves to develop multi-layered applications in-house, where updates have to be made to each layer. Leaving this responsibility in the hands of non-specialist users can therefore prove problematic. Moreover, if applications are managed outside of the jurisdiction of IT staff, shadow IT can create a backdoor for hackers.

Shifting the responsibility back to IT

With the hybrid working risks clear, business leaders must take steps to ensure that the security emphasis is moved away from the individual and placed back into the hands of the IT department. To empower them to take the lead, they need the right tools. The issue is that applications are frequently treated as an afterthought rather than a business-critical asset. Supporting technology can facilitate standardisation across desktop, mobile and other Windows devices, which increases user productivity and reduces any service team overheads.

Other cloud solutions can enable IT professionals to effectively manage remote and mobile devices, including any remote-based applications. Policy layers and security measures can be added on top of applications, regardless of whether the device is owned by the business or under the jurisdiction of the employee. In the realm of compliance, data can be leveraged to establish controls and enforce procedures for both sharing and accessing sensitive data.

Alongside security, solutions can also address the potential for poor productivity. Technology can facilitate the visibility of any employees struggling to make the best use of their devices and therefore add them to the top of the priority list for delivery of a corporate laptop. Virtual desktops are another way to allow employees access to the applications and services required to complete tasks while simultaneously ensuring that sensitive data continues to reside safely within the corporate network. Applications that are implemented on virtualised desktops also likely to work more efficiently than if downloaded directly to the employee’s own device.

Securing the dispersed workforce

For many businesses, the convenience of a hybrid setup is empowering the work-life balance of employees and provides them with unprecedented freedom to complete tasks from any location. Freedom in terms of control over their own devices can, however, be detrimental to the wider organisation. Business leaders must take steps to bring the power back to the IT professionals when it comes to security and productivity and create a zero-trust environment. To ease the weight of this responsibility, intuitive solution stacks can provide a logical, affordable and powerful method for securing the hybrid workforce.

About the author: Andrew Carr is Managing Director at Camwood.