As end users begin to transition back to the office – at least part of the time – the IT department is now tasked with making sure devices that were taken home are accounted for and that each employee has the tools they need to work regardless of where they actually work.
Many organizations invested heavily in software-as-a-service (SaaS) or cloud-based infrastructure to help employees work remotely more effectively, invested in endpoint and ancillary devices and shored up their cloud-based security. Now that offices are beginning to reopen, what happens to that technology? How are IT professionals supposed to manage the transition back to the office?
According to IT experts, the top concern as employees begin to trick back to the organization’s physical workplace and reintroduce devices onto the network is the organization’s cybersecurity.
Gain visibility into everything
For many organizations, their infrastructure has changed dramatically over the last 15 months with new cloud-based SaaS platforms that quickly helped employees work remotely. However, organizations still had on-site infrastructure and now have to figure out how to marry that existing infrastructure and local processes with this new way of working, says Chris Jordan, CEO of Fluency Security.
“And so now what’s happening is that as you bring people back, there is a tendency to say, ‘Let’s go back to where we were.’ But the reality is that most companies have signed multiyear agreements in a SaaS infrastructure or cloud infrastructure and they’re not bringing their workforce completely back into place,” Jordan says.
Organizations can’t simply end those cloud-based investments and dust off the old system, scan endpoints and resume business as usual before the pandemic – especially because these new SaaS, cloud-based solutions are incredibly useful for hybrid work.
“They’re now trying to integrate local processes and the way they think things should have been versus a more flexible workspace that isn’t going to go away,” Jordan says.
What organizations need to do is figure out what direction they want to head in when it comes to cloud, hybrid on on-prem and gain visibility into the organization’s IT assets regardless of where they are.
“The objective is to get control of your infrastructure,” Jordan says.
That includes scanning, patching and updating before employees even return to the office.
Use your organization’s digital transformation to adopt better habits
Many organizations invested heavily in new and emerging technologies, and their digital transformation was accelerated several years out of necessity. With employees learning new processes and procedures about these new tools, now is a good time for a refresher on cybersecurity best practices.
That is especially true with the recent onslaught of ransomware attacks and other cyber threats clogging up news headlines.
Use this as an opportunity to think differently, says Grant Wernick, CEO and co-founder of data analytics company Fletch.
“Companies have likely undergone some type of digital transformation during the time working from home, so use this as a catalyst to adopt new and better habits,” Wernick says. “Start thinking of security as more of a critical business need as opposed to an afterthought. Modernize your security practices focused on the latest frameworks and controls that matter most to your business.”
Organizations should also consider adopting a zero trust model, which will help vet all devices before they’re placed back into trusted networks.
Jon Clay, vice president of threat intelligence at Trend Micro, says organizations should kick off a new round of training and awareness for employees when they come back to the office.
Phishing attacks and stealing credentials remains the top intrusion vector, so employees need to be made aware of how they are being targeted.
“If an organization doesn’t have a security awareness training program, now would be a good time to develop and roll one out,” Clay says.
Schedule user returns in groups
Many organizations are at least considering a larger hybrid work approach since they realized employees work just as effectively at home, but some value the in-person collaboration more than others.
However, IT teams should advocate for a phased approach to bringing employees back to the office so these complicated technology and cybersecurity issues can be worked on over a period of time and not all at once.
When the inevitable help desk requests start piling up, you should ensure you have staffed accordingly and allocated enough time to address those concerns.
User returns should be scheduled in groups, and organizations should consider a third-party technology partner to help manage the process, says Peter Robert, co-founder and CEO of Expert Computer Solutions.
This allows IT teams to not only address user issues, but ensure that each device has been properly scanned and vetted before it connects to the corporate network.
Take your time
Providers of enterprise technology are quickly adapting to bring hybrid work solutions to the market, but they tend to be behind business trends.
“The industry has not had enough development cycles to catch up to a hybrid work environment,” Jordan says.
Instead of rushing employees back to work and creating policies now, Jordan advocates for forecasting where the organization’s employees will be in six months.
“Stop fooling yourself and start planning for the way your business operates,” Jordan says. “You as an IT person are empowering a company – not the other way around.”