Securing a Remote World

man work from home
man work from home

Amid the pandemic, organizations like yours have been forced to shift teams over to a remote working model. Work-from-home (WFH) has meant continuity and stability this last year. But it’s also had a profound impact on digital security. According to this recent Malwarebytes report, 20% of businesses have faced a security breach that’s directly attributable to working from home. 

This is big: it’s a challenge we’re all going to continue to face through 2021. WFH is here to stay and so are the security threats it creates. Over the next 5 years, organizations worldwide are expected to lose up to $10.5 trillion to cybercriminals. With WFH spanning into the long term, a big chunk of that risk is coming from your workforce. What can you do to reduce this threat and take back control of your WFH cybersecurity? 

Work-from-Home Isn’t the Same as Work-from-Anywhere – It’s Time for a Rethink

Over the past decade, the world’s gradually been moving towards a work-from-anywhere model, thanks to faster, more reliable internet access, a host of new collaboration tools and changing personal priorities. Work-from-anywhere was an endpoint we were building towards, through SharePoint, Teams and video conferencing. 

WFH resembles work-from-anywhere, but it’s not the same thing. Between the pandemic, lockdowns and immense uncertainty, organizations across the world were forced to cobble together a work-from-home strategy with little warning and next to no time to prepare. WFH is, in many ways, a preview of work-from-anywhere, but without the solid foundation and best practices to keep you secure.

Security: the key difference

The biggest point of departure between work-from-home and work-from-anywhere is in terms of security. In the future, work-from-anywhere will likely be backed by universal, AI-based security protocols that ensure data safety, regardless of the network or device you’re using.

Right now, though, work-from-home means that your team members often use unsecured devices on unsecure networks, leaving your organization wide open to hackers. How do you ensure robust work-from-home security in the here and now? It’s time for a rethink. 

Back to the Basics: Rethinking Your WFH Security 

There’s a massive gap between your security posture in-office and the security of your work-from-home environments. What can you do to bridge that gap? You need to go back to the basics by adapting the fundamentals of your in-office security to work-from-home environments. You’ll also need to rethink approaches to your postCOVID workforce. 

Leveraging MFA and IAM

From a security and policy perspective, there is a lot you can do: enabling MFA (multi-factor authentication) is a great way to get started. MFA ensures that, even if some credentials are compromised, an extra layer of verification lies between your team members and sensitive data and apps. 

You’ll also want to ensure strict IAM (identity and access management) policies through Active Directory or other solutions. This will help guarantee that your team members always precisely have the right amount of access to sensitive data and applications that they need to get the job done. This brings us to rethinking your approach to an evolving, postCOVID workforce. 

WFH Security and Your Team

The current pandemic situation is a shared experience. Everyone – you, your clients and your team – are going through this unprecedented situation. This means that the things your team members do and, just as important, how they feel can have a tangible impact on your business outcomes

WFH is a less monitored environment than your office. It’s not just oversight that missing, it’s interpersonal relationships – that trust and rapport your team builds around the water cooler. When that’s no longer part of the equation, you need to rethink your approach to the workforce to ensure productivity and security. 

HUMINT and threats from within

When working from home, your team is subject to a whole range of HUMINT (human intelligence)-based attacks. Phishing, vishing and SMShing are just the tip of the iceberg here. Creative cybercriminals will leverage the “weakest link” factor to extract passwords and sensitive data from your team when they’re at their most vulnerable – at home. 

An even bigger workforce challenge, however, comes from within. Work-from-home has profound implications for your workforce morale and on factors like individual accountability. Moreover, employees have far greater autonomy when they’re working from home – disgruntled or demotivated staff members have the time and space to make decisions that put your business at risk or even harm other team members. There are preventive measures you need to take. Read through the steps that we recommend you take here.

Team building is critical

You need to recognize the signs of burnout and proactively work to ensure that team members feel like they’re still part of the team, even when they’re at home. You need to take steps to strengthen rapport: think beyond team-building exercises and pep talks.

You also need to be able to respond if and when disgruntled remote employees take harmful steps from within. A solid identity and access management solution is the key part of the puzzle. But in the event of an internal security incident, cyber forensics and tracking capabilities can help you quickly trace the path to ensure accountability. 

What Does All This Mean? Building an “Inside-Out” Security Model

From employee morale and security to data breaches on home networks, WFH introduces a whole set of new challenges for your organization to address. At a strategic level, the best way to solve these challenges and succeed is by realigning your security thinking. In pre COVID times, an “outside-in” approach was standard, with your security team focusing on external threats. 

In today’s post COVID world, you need to build an “inside-out” approach to your cybersecurity. That means ensuring that you start with a secure IT backbone, using best practices and thinking through the security of each solution as you build your network.

At Protocol Networks, we work with you to comprehensively identify the vulnerabilities in your existing WFH infrastructure and the gaps in your security so that you can build on a secure starting point. We’ll also help re-engineer your workforce approach to ensure collaboration and productivity, while minimizing threats from within. Protocol Networks can help you build robust security at a time when it’s more important than ever. Reach out today for a free consultation to discuss what is and isn’t working in your current setup.

How COVID Improved Remote Help Desks

help desk computer and headset

Within a few weeks of COVID hitting, the United States labor force was transformed into a work-from-home economy, with an unprecedented 42% now working from home. Without this rapid shift to remote work, pandemic lockdowns would have been short-lived, as the entire economy would have collapsed. U.S. organizations’ ability to maintain operations while keeping the virus at bay with work-from-home employees illustrates how important a remote economy is to combat COVID as well as future pandemics.

Rising to the top as an unlikely hero to workers at home is the IT help desk. While employees were in the office, they could just walk down the hall to ask their colleagues at the help desk any questions they had. Or, they poked their head over their cubicles to ask the person next to them for how-to advice. Now, that has changed.

IT Help Desks Connect Workers

In today’s work-from-home offices, employees now turn to help desks more often and for longer amounts of time per call. Asking your help desk “What exactly does the function key do?” may feel embarrassing face-to-face. With the extra boundary of being safe at home, the question now gets asked. Ultimately, workers are becoming more educated about the technology they use as their reluctance to ask “stupid” questions has been diminished by working from home.

Help desks now support workers 24/7 instead of the traditional 8–5 routine of working at an office. Employees work whatever hours they can throughout the day and night as they juggle working from home, homeschooling their children and the stress of being locked down.

What CIOs Need to Know About Help Desks

Working from home has opened up the field of IT talent, as it’s not restricted by geography, while also comforting managers that a remote-work option is viable when society returns to normal.

While help desk metrics are skewed by the current circumstances, here are our observations to help you plan how to man your help desk.

1.     Support calls are longer, more frequent

Support calls are taking longer so response times are longer. In other words, people are on hold longer. The upside is that help desk professionals are enhancing employees’ feelings of connectedness to their companies while teaching them more.

2.     Employees are becoming more IT savvy

IT help desks are providing more resources like articles and helpful websites for work-from-home employees. Workers are more likely to spend time with this information while at home, so they are building their basic IT skillset. And, because they’ve had to do things on their own, like setting up their home office, employees have greater confidence in their IT abilities.

3.     IT help desk communication skills are improving

Help desk support personnel typically haven’t had to be very conversational beyond “Hi, how are you?” in the past. Now, as the calls for help are more frequent and longer in duration, IT support professionals have to come out of their comfort zones to build conversational skills.

Need a Help Desk?

Help desks support users day in and day out, dealing with a multitude of questions and challenges covering passwords and the copier to more difficult technical issues like recovering data and accessing the cloud. Manning your help desk with one or two internal IT people puts a drain on other necessary IT functions and also limits the knowledge base available to your end users.

Managed IT services can provide your organization with an outsourced help desk with multiple tiers of support for all topics and user questions.

Help desk personnel are often forgotten in the best of times. But, they are leading the way when it comes to communicating during the pandemic.

Open Your Help Desk

Looking for options to augment or revise your help desk strategy? Call 877.676.0146 for a free consultation or contact us online.

Prepare for the New Normal Now: 7 Remote Work Management Tips for CIOs

Man working from home with child
Man working from home with child

Maybe it’s the continual rounds of audits or that they’re constantly asked to show their work. Either way, most IT directors and CIOs are planners and preparers. Our CIO Philip Rogers is no exception and has had to work through a few unusual circumstances during his career (next time you talk to him, ask him about getting a telecommunications engineer into Nepal after a royal decree cut off communications). He believes we’ll emerge from the crisis stronger, but altered. The time to adapt to the “new normal” is now. We asked Philip to share how businesses can prepare for the long-term shift to working from home. He gave us 7 strategic considerations and recommendations to help you manage a remote team.

1. Recognize the Signs of Employee Burnout

I don’t need to tell you your IT team is working long hours, but I can help you determine if your staff is burnt out. Spotting burnout in the office is easy. It’s usually written all over your employee’s face – you read in their eyes, “I’m at the end of my tether and need a break.” In a virtual environment, look for different cues and out-of-character behavior. Burnt out employees won’t be as engaged in problems or situations they eagerly participated in before. They’re more likely to abruptly end phone calls. Ideally, you have a strong relationship with your team, and they’ll tell you well before they actually burn out.  

2. Build Rapport, Digitally

Rapport is necessary for more than spotting burnout. But, how do you build a team when they aren’t sitting together in a breakroom? How do you ensure people know who their coworkers are when they aren’t singing happy birthday over a yellow cake? At Protocol, we’re doing more with audio and video. We’ve set up chatrooms where employees share videos and movies and encourage people to keep talking – like they would on their way into the office or when they visit the breakroom.

Building rapport digitally can look a lot like forming in-person relationships. Ask questions, show genuine interest and listen. We’re all stuck at home, it’s okay to say hi to your coworker’s spouse who is sitting across the table from them during your video call. Ask about the pet you see running around in the background and check in to see how your team is managing to balance home-schooling kids with work.

3. Goofing Off can be Productive

No, you don’t want to let it slide if your technicians spend Wednesday streaming Tiger King, but don’t admonish them for “water cooler” chatter. Realize if people are commenting on a TV show, it isn’t goofing off or avoiding work – that’s them building a relationship.

For IT workers who don’t have a traditional 9–5, build in more leeway. You know your team will respond at 2 a.m. to an issue or take time away from a child’s birthday party to log into the system from their phone and make quick changes. Having a team-building activity in the middle of a Tuesday afternoon is just as important as the happy hours you organized before the crisis started. Like those in-person events, it’ll help build rapport, release stress and prevent burnout.

4. Recognize Priorities Have Shifted

Coronavirus is a shared experience and will fundamentally change society. People will emerge on the other side with a new set of priorities. They’ll want to continue spending more time with families, discover hobbies they want to make into careers or stop settling for a job they don’t love.

Have honest, upfront discussions with employees who are disengaged. Explain you’ve noticed their disinterest and offer to help them get where they want to be. This isn’t a totally selfless act. If you help someone fulfill their dream, they’re more likely to refer people to you. As an IT leader, you need a strong network which you build by helping others. Plus, you never know where your business will be in 5 years. You may end up needing that employee again in a different role as your company evolves.

5. Prepare for More Remote Workers

You know the saying A church isn’t the building; it’s the people? Well, a company isn’t the building, it’s your people – and a lot of them will want to continue working remotely. Offering telework opportunities will go from being a “nice-to-have” benefit to a key criterion of a job posting and a way to attract top talent.

Employers will demand more remote work too – even the ones who previously hated virtual workplaces. After spending months reconnecting with cousins and high school friends over video chat, they’ll know it’s possible to form emotional connections remotely. That experience, paired with seeing how their team can stay productive working from home, will cause them to rethink the money spent renting office space. Virtual workplaces will become a cost-saving measure, and your IT team should have a long-term strategy for supporting and securing a distributed workforce.

6. Create a Sustainable Plan for Returning to the Office

That said, not every industry is suited to a 100% digital environment, and people will trickle back into offices. As they do, your already-overworked IT team will have even more to do. Office workstations may need to be reconfigured and company-issued devices repaired or updated. Your team will need and deserve a break. Figure out now what “returning to the office” looks like from an IT standpoint, who will work on what and when people will be able to take time off.

7. Expect Other Members of Your Leadership Team to Ask: What’s Next?

You knew the importance of business continuity before the pandemic. Other members of your team might have viewed it as a “nice to have.” Now, it’s a necessity and the C-Suite is going to ask you, “What’s next?”

Keep their expectations under control. When I worked for the Royal Bank of Scotland “business continuity” was the watchword. We had plans for tsunamis, coups, international conflict and other large-scale disruptions. But unlike when I had to explain to business leadership how the in-country server racks were destroyed by a piece of field artillery during a minor military uprising in North Africa, we don’t need to plan for the fall of a regime at Protocol Networks. What we do need to know what will happen if our NOC isn’t available. Pinpoint the likely scenarios, outline what you’ll do to keep your business running and communicate the plan with your team.

We Can Help You Design a Comprehensive Plan

At Protocol, we started planning for the pandemic in December and had 100% of our team working remotely a week before the Massachusetts shutdown. We didn’t have a pandemic-specific plan, but our other preparations meant we had plans drawn up that we could quickly and efficiently implement. We can help you evaluate your current business continuity plans and develop new strategies to confront the next crisis. Call us today: 877.676.0146.