While the Covid-19 outbreak has turned out to be the biggest black swan event of our time, we are undoubtably more prepared than in 1918 when the last pandemic broke out. Information technology has enabled businesses to operate despite closing their doors to prevent large gatherings and enforce social distancing. Thanks to IT support teams, many businesses were able to mobilise their workforce for remote work, some in just a matter of a few days.
Now that the initial surge of tickets such as VPN connectivity issues, data access, and remote desktop access has died down, IT teams are in a better position to evaluate the situation in its entirety and recommend actions that would help businesses brace themselves for what’s to come in the next few months. Two of the biggest tasks that IT teams have to address are:
- Enhancing employee experience while working remotely
- Supporting business continuity while strengthening security
Enhance employee experience while working remotely
A lot of things factor into employee productivity and employee experience, including the workplace, devices, facilities, uninterrupted connectivity, collaboration tools, and access to related resources. When organisations adopted remote working, many established work-from-home policies that covered a range of issues – allocating some employee benefits to cover the costs of setting up home offices, setting IT policies to secure devices, ensuring VPNs were in place and creating knowledge bases to access IT resources, amongst other related issues.
These days, organisations are forced to choose remote work out of necessity, with little planning. In a survey conducted during a recent remote work webinar presented by ManageEngine, about 50 per cent of the respondents said that their companies didn’t have a work-from-home policy. For organisations that still need to introduce a comprehensive work-from-home policy, IT teams can jump start the process by utilising their existing IT management tools and capabilities to build effective processes for remote work so that employees can continue to create value for their organisation.
Rebuild knowledge base for remote employees
As distributed employees become more self-reliant, they will start seeking online resources to solve their issues independently before reaching out to IT support. It is time to dust off and reorganise the knowledge base to keep it relevant to remote workers. A remote-relevant knowledge base will give prominence to articles related to VPNs, firewall issues, and even file access requests.
Reassessing the tool currently used for your knowledge base is a good idea given most ITSM solutions in the market come with self-service portals that have, at least, a bare-bones knowledge base. If not, your organisation’s document management application or content management system can easily double up as your knowledge base.
Enhance the service catalogue to encourage use of the self-service portal
Within a company’s premises, business resources were provided with less scrutiny. If a user needed a quick look at a report or a license for software, it was usually provided after a few email exchanges with the boss or a colleague. But with remote work, such requests need to be recorded because company resources are now being accessed from networks and devices that are likely less secure than their on-premises counterparts. In case of resource abuse or data exfiltration, your ITSM tool will serve as a good system of record, to ensure that there is always an audit trail to investigate the point of failure.
So, now is the time to enhance your service catalogue by including all services and resources available to the employees and minimising any process fatigue that employees might face by making use of built-in workflows and approval automation in your ITSM tool. With a comprehensive service catalogue and knowledge base in place, your self-service portal will be the central place for your remote employees to request a resource or report an incident.
Use workflows to standardise support process and scale expertise
Automated workflows benefit both employees and technicians. In the workplace, IT support teams relied on peer-to-peer knowledge to solve complex IT issues. However, with a distributed workforce, team members are deprived of the opportunity to learn on the job. For IT support teams that do have standardised procedure documents, now is a good time to integrate these procedures into their tools using visual workflows that guide technicians through every step of the request resolution.
Invest in a robust remote access tool
Not all user issues can be resolved remotely or using knowledge base. For issues that need more technical expertise or virtual assistance, IT teams should consider investing in remote access tools, that help in troubleshooting issues at the employee’s or user’s end point securely. The shadowing feature in some tools can also be used for on the job training of new recruits as well. Several IT vendors have stepped up to help the IT community by offering their remote access solutions for free. If you cannot invest right away, you can always use these solutions till the budget gets reallocated.
Make IT support more reachable
Collaboration platforms are seeing an exponential increase in signups and daily active users. With employees spending more time on these platforms, it’s only logical to take IT support to these channels. Most ITSM tools already integrate with collaboration tools, either in the form of slash commands, apps, or even chat bots. It is time to look for such integration in your current ITSM tool and start implementing them in your organisation. It’s also a good idea to implement chatbots to automate recurring requests such as password reset, VPN issues and more.
Support business continuity while strengthening security
For any business, data is the biggest moat. Customer data, valuable business insights, stealth product ideas, GTM strategies, and other data and intellectual property provide an edge over the competition. Therefore, data is also the biggest risk.
With designated workplaces on company premises, data was accessed from a secured perimeter. However, with remote working, employees are accessing data from less secure devices and networks. As a result, every organisation’s risk factor has increased substantially. Business continuity is now being challenged, not just by the pandemic or the economic situation, but also by increasing the chances of internal and external threats. Here are a few ways that IT teams can build a stronger security practice.
Secure the company data and endpoints
As companies chose remote work, many employees had to leave their desktops behind and use their personal devices to connect to work. Unlike company provided devices, personal devices are typically less secure, with unpatched OSes, legacy anti-virus and anti-malware software, relaxed firewall settings, and other compromises.
Since these personal devices store company data, they become the weakest link in IT security. These endpoints can still be secured by establishing self-enrolment programs available in unified endpoint management (UEM) tools. Once enrolled, UEM tools can then push policies for password protection, data encryption, VPNs, networks, etc. and even silently update patches.
Providing privileged access for code deployments or infrastructure changes
When employees are trying to access a system account to push code into the pipeline or trying to update the network configuration in their data centre, all they need to do to gain access to privileged resources is ask. Proximity creates trust among teams, so by just asking a colleague, you can probably get access to most of the resources in your office. However, with distributed teams, access to such resources could come from an actual employee or from an impostor using a compromised employee account.
For starters, one could implement multi-factor authentication to all business-critical applications. A privileged access management (PAM) tool will provide additional security that any critical and administrative account requires. Most PAM tools have features that provide employees just-in-time access to the privileged accounts they need, without impeding their productivity.
Double down on cybersurveillance and insider threats
With less secure endpoints and networks, companies are more vulnerable to cyberthreats than ever. A compromised employee account from an unmanaged device could be accessing and exporting confidential information from company applications. A small change in the firewall settings could open flood gates to DDoS attacks.
These days, it’s important to keep a closer eye on network monitoring systems and event monitoring tools. Tools with user and entity behaviour analytics (UEBA) are good at catching anomalies and pre-empting threats. Just keep in mind that employee schedules during remote work might vary from those of regular work, so remember to re-calibrate the behaviour baseline to avoid alert fatigue.
Create relevant dashboards for critical resources and changes
The wide monitors and huge display screens in the NOC room are now being supplanted by laptops and desktops spread across different locations. That means it’s harder to get a holistic picture or pre-empt network failures by correlating different alerts. IT teams should create dashboards for critical resources, in addition to existing dashboards, and have a few eyes monitoring them around the clock to help catch anomalies that could impact service availability.
In addition, the NOC team can create read-only dashboards for individual application/functional teams to give those teams a better view of their performance. Re-configuring alerts for a change window is also important to accommodate slower, remote network connections. Those firewall updates, for instance, used to take 30 minutes in the office network, but they could take 60 minutes when you are remotely connected through a slower bandwidth network.
These are a few steps that IT teams could take to get them off their feet and positively impacting productivity and business continuity. As the world starts moving towards the new normal of remote work, these recommendations which were once called the best practices, will tend to become the new normal for the IT teams. The significance of IT will only grow bigger as we move towards more connected and collaborative means of doing business. While we are at it, that too remotely, we wish the IT community a good health. Take care and stay safe.
Aparna TA, Product Manager, ManageEngine