In the last blog post, we talked about best practices for dealing with a shifting remote workforce as the entire economy starts to resynch to a remote (work from home) model. There are myriad considerations in play, and since it’s complicated on multiple levels, it requires thorough and thoughtful evaluation and planning. Which is not happening, at all.
For reasons that are clearly out of our control, we’re all being forced into a new reality, and most of us are not well prepared. Having talked about what your business can do to prepare to support a remote workforce, let’s look at what happens if you don’t. Larger enterprises, government entities and well-run mid-market companies should have a business continuity/IT Asset Management (ITAM) plan in place. Based on how this is playing out in the press non-stop, this is not what seems to be happening. So it appears there are three groupings; those that have a BC/ITAM plan in place and followed it, those that have one but did not have time to follow it, and those who didn’t. For purposes of implications, let’s look at the last two.
Run, don’t walk – Everyone suddenly compelled to join a remote workforce beats a hasty retreat, grabbing what they can while they still have the opportunity to do so. Last week I saw people loaded down on the subway with oversized monitors (most of which did not handle the trip well), with cables and connectors dangling behind them. There is a very high likelihood that these people’s employers do not know where their expensive infrastructure is going, And that’s the big stuff, what about the higher value smaller objects like mobile devices and laptops? Does your company have mobile device management and/or IT Asset Management system and associated policy in place, and has it been methodically implemented? If not, how are you going to know who is accessing your data while everyone is required to work remotely?
Easy vs. Safe – If you’re like most people who are now part of a remote workforce, you’re probably accessing your company’s infrastructure through your home wifi, which is often notoriously insecure. While a VPN (virtual private network) would be nice, it seems to be the exception rather than the rule. Even for those that have access to a VPN, they are not generally configured for everyone to be on them at the same time. And public wi-fi? Not for work. Ever. ITAM can provide visibility into not only what is where, but how they’re accessing company resources. This is absolutely critical to business continuity.
The new normal – Right now everyone is going through an adjustment phase as we settle in a new and very different way of working. The problem is we tend to adapt fairly quickly to new environments, and even more so when it’s everyone at the same time. Two lines are going to intersect here. Remote workforce members are going to start to relax their data and IT hygiene protocols as they settle in for something that is likely to last for months, and at the same time hackers and con artists are ramping up to take advantage of the coronavirus scare (New Cure! Click here for details!). You’d think people would know better than to click on something like that, yet it still happens. Everyone’s data is at much higher risk under the current circumstances. Enforcing usage protocols and proper security implementation (patches, etc.) is another benefit of an ITAM system.
Mini-legacy devices – As new mobile devices are introduced, the older ones (which most of the time are still perfectly suitable) get handed down or sold. In either case, there is a high likelihood that company information still resides on the device, and is now in the wild and completely out of your control. Even if it’s a personal device if it has company data you need to be able to control it in terms of data hygiene. The fact that it’s an employee-owned device doesn’t make the slightest difference, the issue is the data on the device, not the device itself.
There are a lot of considerations to deal with as the entire IT ecosystem is rapidly realigning to a new operational model. While to a certain extent the cat is already out of the bag, it is never too late to put protocols and measures in place that can secure your environment going forward. This is exactly what an ITAM system is designed to do. This new model is likely to last for months, so start securing your assets now.