As a result of the COVID-19 pandemic, we are witnessing an unprecedented increase in home working, which requires remote access for tools and communications to conduct our daily jobs. This disruption is putting IT infrastructures at risk, while validating much of the industry’s investment in business continuity, resilience, scalability, accessibility, data protection and security.
With a global at-home workforce now entirely in place, what can IT professionals and CIOs do to ensure their private and public clouds can keep up and remain safe? And what steps and tests should they take to support a protracted change in the way we work? According to a recent Gartner survey, more than 74 percent of CFOs and business finance leaders expect at least five percent of their workforce will never return to their usual office workspace - becoming permanent work-from-home employees after the pandemic ends.
Even in the face of a global pandemic, we continue to promote a culture that requires easy and instant access to our tools, information and each other over cloud collaboration tools like Slack, Google Drive, Office 365, Microsoft Teams, as well as in-house applications.
This demand on IT requires private, public and hybrid clouds to have the agility, scalability and security to support entire workforces no matter where they are. IT leaders who have planned for this worst-case scenario are ready to scale at a moment’s notice. Likewise, they’ve already considered the impact on licensing, vulnerability and added traffic from employees working at home over personal devices and unsecured networks.
IT professionals who support an at-home workforce need to understand the difference between employees “running” applications and “accessing” applications. When technology is set up and configured correctly, it should be easy to access. That’s the whole idea of SaaS and cloud. The challenge is, how do you administer it? How do you run it?
Organisations that maintain private clouds onsite, which might not be accessible during stay-at-home orders, need a plan to make repairs physically - like swapping hard drives, replacing switches or cables - when their employees are home.
Likewise, whether at home or work, the end-user experience should be the same. If all apps and tools are optimal in an office environment, how do you make those adjustments ahead of time, so remote employees still have the same access and capabilities as if they’re working in the office? And how do you maintain your security and IT compliance obligations?
Where and how to start?
The easiest advice might be to avoid trying to boil the ocean all at once. If your applications and data aren’t on the cloud already, it’s possible to mobilise secure VPNs and encrypt applications for mobile devices. If you’re on the cloud already, you’re several steps ahead of others. But you still need to work with your cloud service provider to review your workloads, applications, and data requirements.
At the same time you’re focusing on accessibility, remember to address your vulnerabilities. Right now, cybercriminals are stepping up their attacks to take advantage of remote employees. Phishing attacks are at an all-time high on small and large businesses, as well as public resources like hospitals and healthcare providers.
Now’s the time to reinforce your organisation’s IT security and compliance guidelines, many of which include the relevance of when employees travel or occasionally work from home. This includes a refresher on password policies and how to identify and report phishing attempts. Help employees with securing their home networks, and all the other policies and guidelines they would typically follow at work to protect your company and customer data. This might also be an excellent time to train employees on document and data retention best practices.
COVID-19 will create additional security threats as attackers attempt to take advantage of employees spending more time online while at home and working in unfamiliar circumstances. Some of the biggest threats associated with the pandemic include phishing emails, spear phishing attachments, cybercriminals masquerading fake VPNs, remote meeting software and mobile apps.
Above all, you must have the same level of resilience and redundancy plans in place for home working as you do for onsite, even if you are 100 percent in the cloud. It is important to recognise that the same problems that happen on a day-to-day basis when you’re in the office can also occur when the office is vacant.
Prepare for the new normal
Going forward, all businesses should plan for an eventuality like COVID-19 happening again. This means understanding data security, business continuity, resilience, scalability, accessibility and so much more. For example, you may not need extra capacity and compute power now; but you need to know that within minutes you can get to that number. And, as mentioned earlier, a lot of organisations have internal-only networks to manage power supply, fans, cooling and switches. What if you can’t get into the building?
Future-proof and understand the boundaries between personal and company devices and assets. Understand what you need to put into place to protect your business and your employees.
And finally, companies that are leveraging cloud services need to communicate frequently with their providers to address future needs and concerns. Make sure you know what they can do ahead of time to keep your remote workforce operating. Hopefully, these circumstances will be short-term, and life will return to some normality soon, but it’s good to always plan for every eventuality and what may now be the new normal.