The Roadmap to IT’s New Normal

By Michael Oldham

Work from home (WFH)

Telecommuting

Remote access

Digital transformation

Whatever buzzword you prefer, the Covid-19 pandemic is radically altering the way we work. And the enterprise IT world will never be the same, especially when it comes to your security posture.

At the beginning of April, an MIT survey found that 34% of Americans who previously commuted to work reported they now worked from home due to shelter-in-place policies. Another 11.8% said they were laid off or furloughed in the previous four weeks – a rate that has rapidly accelerated since the report.

Throw in the estimated 3.6% of people who already work from home at least half the time, according to GlobalWorkplaceAnalytics.com, and at least half of the working population is no longer in the office. That percentage has undoubtedly grown as the lockdown expanded across the country.

This seismic shift to working from home has major implications for enterprise IT, not just in the U.S., but across the globe. While a lot of lip service has been paid to digital transformation, a biological virus – of all things – jump-started the most revolutionary digital shift we’ve ever experienced in the way we work.

Crisis Management

Since the pandemic hit, the focus has been on quickly expanding remote access to everyone to ensure business continuity for the short term. Different companies chose different paths, and in a crisis of this magnitude, whatever worked for your organization was the right way…for now.

Some organizations threw money at the challenge, purchasing thousands of laptops. Even with corporate devices, however, organizations historically have been prone to phishing, brute force, business email compromise (BEC), ransomware, and other malware attacks. Still, the corporate devices enabled employees to access the resources they needed to do their jobs, without using personal devices that may have been even less secure. So this worked in the short term for those organizations.

Other organizations let employees use their personal devices as a short-term Band-Aid, hoping the lockdown would quickly blow over before they suffered a major attack. This is a much riskier approach given the porous nature of most attack surfaces, but again, understandable given the circumstances.

Still others decided to buy more remote access licenses when they installed more VPNs to meet demand. That not only was expensive, but also led in some instances to bandwidth issues. Some organizations were forced to ration employee remote access over different time periods to manage the increased demand.

PortSys customers took a fourth way – using short-term business continuity licenses for Total Access Control (TAC). This offered them the flexibility to quickly scale remote access down again once the immediate crisis is over and their employees return to the office.

TAC is a Zero Trust Access solution that relies on verifying multiple factors regarding the user’s context of access to much more comprehensively protect the organization’s resources – regardless of whether the employee is using a corporate or personal device. It is easy to roll out and much less costly than the multiple security solutions many organizations use across their enterprise resources today.

The curtain is now falling on the immediate operational crisis brought on by the pandemic. Looking forward, you will need a much more strategic, proactive approach in the future – with an emphasis on providing secure remote access for our New Normal.

No Going Back

As we slowly work our way back to more conventional ways of doing business, some employees will be hesitant to return to the office. They may have compromised immune systems that make them more susceptible to infections, have older relatives who they care for, or they just may not be comfortable working in a shared space yet.

The truth is there is no going back to the work world that existed before the pandemic. Organizations will need to remain flexible to support the remote access needs of your employees during this uncertain time. Then, you need to plan for a post-pandemic future – one where remote work is much more integrated into your corporate culture.

Kate Lister of GlobalWorkforceAnalytics.com estimates that “56% of the U.S. workforce holds a job that is compatible (at least partially) with remote work.” With the pandemic, she predicts that by the end of 2021 as much as 30% of employees will work from home multiple days a week.

Three key reasons, according to Lister’s report, are:

  • Increased demand – Surveys show 80% of employees want to work from home at least some of the time; more than a third are willing to take a pay cut to do so. Now that your employees have had a much larger taste of telecommuting, they will push even harder to make it permanent – at least part of the time.
  • Leadership acceptance The pandemic forced middle and senior management to quickly adapt to the reality of remote workers. This was just the opening bell for a significant change in corporate culture, as leaders learn how to manage and motivate a workforce that is no longer right outside their office doors.
  • Competitive edge – The medical community predicts that Covid-19 will not be the last pandemic we will see in the next decade. Your board will want to know how you are preparing for the next one, and the one after that – not to mention events such as tornadoes, hurricanes, blizzards, floods, and even the more mundane employee family care cases. Remote work will play a big role in your ability to retain valuable employees and remain competitive.

Lessons Learned

To prepare for this New Normal, you need to honestly assess the flexibility and resiliency of your existing enterprise architecture. Here are five key issues to consider, and how our Total Access Control (TAC) Zero Trust solution addresses those challenges:

  • Did you have enough bandwidth to handle your entire team working from home?

Many organizations had to limit the number of people who could work at the same time. While necessary during this unexpected emergency, it’s not the way to do business long term.

TAC is designed for optimal performance and security. It can run with all its security features enabled – no matter how much remote access you need. TAC has less overhead than traditional security products, so it’s faster and uses less bandwidth for each session. You can do more across the same bandwidth than your traditional security products. And TAC’s performance scales easily, too.

  • Did you compromise your security for the sake of providing more access?

Organizations make tradeoffs between access and security. While hopefully you haven’t been hacked, hacking attempts have increased dramatically during this crisis. It’s not something you can sustain over the long term.

TAC provides organizations with the most flexible and secure path to remote access. TAC allows you to set access policies for each resource that must be met before access is granted. These can include credentials, GeoIP location, device type, security status and many more. This makes access from any device possible, while still sustaining the required security posture of your organization.

  • How did you know if your resources and applications – both local and cloud – were secure?

Because of the nature of our complex security environments, most organizations aren’t able to centrally report on access. Effectively, you don’t really know who is getting access to what, because you can’t report on it easily.

TAC provides full audit and historical reporting capabilities on all access within your enterprise, local and cloud. With TAC, you have full insights on every remote access request and the specifics of that session available in one place. So even in a pandemic situation, you can see what’s happening easily within your organization.

  • Did you have to limit what employees, partners or customers could access during the pandemic?

Many organizations had to limit access to multiple resources because they didn’t have a way to offer that access easily. The result of limited access is lower productivity. TAC provides access to all a company’s resources at any time and does so in accordance with the appropriate security policies for each resource. This includes local and cloud resources, all provided through one portal.

  • Can you balance remote access needs for a disaster with routine operational requirements?

We live in a much different time than just a few short months ago. Now is the time to plan to balance the business continuity needs for similar future scenarios with the much-anticipated increase in normal remote working going forward.

TAC allows organizations to quickly and easily scale up to enable remote access during any extraordinary event, as it did during the pandemic. TAC also provides the flexibility to scale back down once the emergency is over. You can accommodate these dynamically shifting levels of remote access without making significant changes to your network infrastructure.

TAC also provides a higher level of security, microsegmentation of resources, centralized reporting for all access, and makes life easier for your end users and administrators. TAC enables you to confidently plan for a worst-case scenario without affecting your day-to-day operations or busting your budget.

Today, more than ever, it’s important that your business continuity plans are harmonious with your infrastructure. You will need that flexibility to securely provide remote access so your business doesn’t miss a beat – no matter what the next disaster brings.

If you would like to learn more about how Total Access Control can help your organization to more securely be remote-ready, contact us at:

info@portsys.com.

Share: