The face of business as we know it has changed dramatically over the past two months, with roughly 3 in 5 UK adults now currently working from home. What’s interesting is that some companies are considering scaling down physical offices in favour of a long-term remote working model. For example, tech giant Twitter recently announced its employees will be allowed to work from home indefinitely, and a fifth of UK office space is forecast to be abandoned permanently. Employers are striving to balance team productivity, security and employee engagement. If WFH is the new norm, it’s impossible to ignore the challenging nature of the situation.
Remote working affects performance not only for technical, practical reasons. The emotional impact is also perhaps equally significant. Business leaders may think the technology that allows us to do our jobs and the initiatives that enable us to feel supported at work aren’t related, but they’d be sorely mistaken. This is why IT and HR teams need to partner up to empower employees to do their best work from home, and to help their organisations safely and securely to weather the storm over the coming year.
Why security is a shared responsibility
Traditionally, IT Security teams have been considered the sole owners of the cybersecurity element of a business - it was their responsibility to implement the right technologies to protect the organisation, and that was that. However, in the current situation, the cybersecurity landscape is becoming increasingly complex with new and exacerbated threats: the surge in home working has caused a spike usage of vulnerable services, such as Virtual Private Networks (VPNs), incrementing the likelihood of attacks to individuals and organisations. UK businesses experienced a cyberattack every minute in Q1, leading to a 30 per cent rise in the number of security incidents. Cybercriminals have been found to lure in people working from home with the pretext of sharing useful information on the pandemic, and compromising their networks as a result. These attacks can not only disrupt business activities, but also cause employees a great deal of distress; with so many people accessing corporate networks from personal devices, their own personal data is also now at risk. While threat protection technology can help safeguard organisations, users must also be trained to recognise potential threats in emails such as unsolicited attachments or links, and be provided with clear guidelines on how to handle such events.
As part of the new landscape, companies should consider adopting a Zero Trust approach - assuming everything is suspect and eliminating implicit trust associated with the locality of user access. This model is founded on network visibility and requires insight into all assets (applications, devices, users) and their interactions. This enables IT pros to create and enforce an authentication and access control policy: if these are tied to assets and not network segments, the same set of policies can be applied regardless of where a user is accessing data and applications from.
The thing about Zero Trust is that it’s not a product, it’s a mindset. While it’s IT’s job to get the technical elements right, people’s behaviour - their awareness of security threats and their respect for policies - can have a huge impact. That’s why IT and HR teams must be in sync, with HR taking the lead in communicating the importance of a Zero Trust approach to the entire workforce. Afterall, the expression Zero Trust is surrounded by negativity - employees feeling like excessive controls can hinder their productivity or, worse, are designed to monitor their every step. It’s HR’s responsibility to help IT teams drive education around cybersecurity risks and how a ZT model is crucial to mitigating them. It’s also useful, as part of internal comms, to share tips on how to stay alert and, for example, detect social engineering attacks. This education, alongside solid network visibility, is the first step to protecting the organisation against cybercrime.
How HR can add real value
A dispersed workforce creates a series of obstacles when it comes to business performance, the first of which is information. It’s a time of extreme uncertainty, so companies should look at forming a cross-functional task force to centralise useful information – from sharing WFH tips and best practices, to fixing minor IT issues before they escalate. With misinformation spreading like wildfire in times of crisis, it’s important to give employees a single source of truth.
Being able to easily share resources, communicate ideas and feeling like part of the team is key to maintaining productivity. Encouraging video conferences – rather than just audio calls – can help enhance the sense of collaboration. Businesses should also enable seamless communications with instant messaging tools, like Slack, allowing employees to pose questions to their teammates and get answers more quickly, as they would have done face-to-face. Preserving positive office dynamics is critical - HR and IT must team up to make this possible with the right technology.
While striving for an efficient business-as-usual approach, companies shouldn’t neglect to take care of their employees as people. IT and HR should work together to create initiatives that are aimed at helping staff cope with the difficulties they are facing right now. For example, with many employees forced to be isolated from some of their loved ones, offering them the use of corporate web conference accounts for personal communications can help keep the morale high. Small but significant gestures can make a world of difference in terms of keeping teams happy, engaged and motivated.
When we think of the implementation of new technologies or processes that allow companies to evolve and adapt, we think of IT teams - driving innovation and making change possible. However, it’s important to understand that change can only take place with the buy-in of the workers who exist in the business environment. In order to get the people on board, HR staff must cascade down the instructions and decisions that come from the company’s digital leadership.
News strategies for the new tomorrow
In order to thrive in this new tomorrow, companies will have to consider new strategies - for example, a more flexible approach to work schedules - and new processes to optimise and secure the organisation - such as a Zero Trust security model enabled by enhanced network visibility and HR-driven support for the workforce. Success is possible, but achieving it requires a coordinated, cross-functional effort to ensure all bases are covered. What’s needed is a strategic partnership between IT and HR, focused on implementing and managing the right digital tools, and enforcing the right practices with the appropriate training. This way, businesses can maintain high levels of productivity and nurture a positive and secure workplace culture in these challenging times and beyond.
Martyn Crew, Director, Gigamon