With the World Health Organization, declaring the coronavirus outbreak a pandemic, millions of businesses are now forced to adapt to new strategies of managing remote workforces. Major companies like Amazon, Facebook, Microsoft, Twitter and Google have already implemented remote work policies for many of their employees. Even Cambridge University announced all their lectures to be online through 2021. Work from home (WFH), allows us to log into enterprise networks from home, marking security against possible cyberattacks on home IT networks to exploit vulnerabilities, the most important factor. The enterprises that extensively use cloud services, both on-premise and in public, will need to reassess and take steps to protect it.
Should a post corona world be worried about cyber resilience which is possible only when the processes and services are complete and capable of continual improvement through qualitative measures and feedback. Any disruption such as brought about by Covid-19 in the process maturity, can adversely affect the enterprise management in yet unknown ways. This includes decision making during uncertain times and decisions on approaches for collaboration and communication remotely, and keep the businesses going. In the short term, there would be enormous changes to the business plans; in the long term, they must adapt and continue to make progress on their original goals.
Apart from the technology decisions, it’s also crucial to manage the process of transition and relevant adaptation of operating policies & processes. A major requirement of managing this transition is that it must be effective, concise and consistent. Faith, persistence and support of employees for each other will keep the distributed cybernetic workplace together. Consequently, many organizations have shifted their routine operations by “Going Digital” to WFH. This works at multiple levels and offers businesses with a way to interact with their ecosystems and deliver on outcomes also following the “Social distancing” norm.
Traditionally, certain industries within the IT sector have embraced the idea of WFH. In these COVID times, even sectors like pharmaceuticals, manufacturing and many others, must pick certain functions to be performed remotely and / or allow some section of employees, to work remotely. As work-life boundaries blur, open and frequent communication is key on how groups collaborate and come together.
COVID-19 pandemic is forcing us to prepare for a variety of situations, and be consistently agile and adaptive. Going digital means much more than just applying digital tools and technology. It is about thinking new pedagogies, making sure that everyone has the ability to use all tech. tools without glitches. It then becomes imperative for the organizations to put Standard Operating Protocols (SOPs) and procedures in place. When and for how long employees will connect, or how billing cycles to clients are to be initiated etc. all become important. In a transformed workplace, employee’s assessments will have to be based on the tasks they perform, rather on annual performance reviews.
WFH does allow us flexible schedules and custom environments. It even allows us to design our own workspace ergonomics and aesthetics, like wearing cosy clothes and make calls without being pried upon. With no office distractions and zero commuting, one can make bigger savings. One can even have more time with loved ones with no need to navigate through difficult traffic. Of course, a lot of discipline and willpower to be engaged in work and not in Netflix and miss out on routines, not binge on fast-food, not relax on power naps, will be needed. Boredom can slow reflexes and work. With no second supervision, waiting endlessly for the boss to call or deliver on schedules can be exasperating and disastrous.
How will the organizations benefit by WFH? First, an enormous geographical reach at lesser cost and second, low attrition rates. However, it poses challenges in terms of client approvals since they lack direct supervisory control and have a very minimal connect with people. But from an employee’s perspective, it proves to be most convenient, especially when availability of infrastructure, at employee end is a concern. While we may feel that WFH is an effective option, there are lot of risks involved in confidential data leaving the office building and being accessed remotely by employees. Selection or changing to appropriate technology for WFH in a complex and rapidly changing situation, won’t be easy for organizations.
The efficiency of privacy systems will have to be tested before WFH can be implemented as a way of life. Businesses have begun to look for effective solutions for data security and privacy and many have started investing in them. However, in a scenario of WFH, critical applications would no longer have borders. It means that security solutions have to protect not just a perimeter, but also the data. Solutions such as Borderless Data Access Controls (BDAC) and “Zero Trust” models are need of the hour. The employees must look for signs of a cyber breach like new programs not installed appearing or the computer slowing down or strange pop-up ads appearing on the screen or a sudden loss of control of the mouse or keyboard.
In order to effect operational changes in the current scenario, organizations need to ensure their business strategy incorporates crisis management, disaster recovery and risk management in order to adapt and get back on track of their business efforts. However, in this dynamically changing environment, only those organizations which try to bring about confluence of people and processes in their change management programs, along with the technology would be in a position to navigate through and keep their productivity up and running.
In general, if an organization smartly develops and maintains its cybersecurity programs in a resilient and measured way, they stand a greater chance of making it through this difficult time safely. Measuring cyber resilience involves creating a risk profile, measuring control application and identifying policy efficacy. Implementing maturity models, such as those listed in the CMMI Cyber maturity Framework and Platform, organizations can strengthen their risk profiles and weather the storm, better than other conservative models. Digital Security while working remotely requires, avoiding public Wi-Fi, using personal hotspots or encrypting suitably the web connection. Further, keeping work data on work computers, blocking sight lines and encrypting sensitive data in emails on one’s device will help. Probably we will see more and more organizations using Virtual Private Network (VPN) services that create an additional layer of security for trusted connections between employees and organizations, a la new Normal in Cyber Business World.