Meeting security challenges in the remote workplace

When COVID-19 spread across the globe in 2020, many organisations were forced to accelerate their digital transformation to ensure business continuity.   

While the transition to remote work provided benefits to both employees and employers, it also presented unique security threats—threats that many organisations are yet to overcome.   

In a world where remote work is the 'new norm' and workplaces are no longer confined to a physical location, organisations now face increased security challenges triggered by cloud migrations, personal device usage, vulnerable networks, and employee workarounds.  

While it is clear, organisations need to implement new strategies to solve remote work security gaps, it is also vital organisations properly consider the end users, particularly when it comes to providing them with a secure and productive work environment as part of this 'new norm'.  

As we enter the post-pandemic world, it’s time to address the fact that device security is only as good as the end-user experience.   

In this blog, I will explain why end-user security and positive end-user experience cannot exist without the other. I will also highlight what I believe to be the top seven challenges of current end-user device management. 

Additionally, I will offer a roadmap for organisations to move to the future state, where security and a positive end-user experience not only coexist but work hand-in-hand to deliver benefits for everyone. 

Balancing security and productivity – no small feat in the remote workplace 

Organisations now know that enabling their teams to work securely from anywhere, on multiple devices is not an optional benefit. But, with competing interests from various frontiers, this is no small feat.  

There are three sides to this balancing act. On one side, you have employees wanting to work seamlessly and productively, wherever they are, on their device of choice. You have business leaders wanting to smash their goals and make a profit. And, of course, you have IT and security teams wanting to keep company data and systems secure. 

While prioritising security may deliver compliance and data protection benefits, this approach can hamper employee productivity. And when security gets in the way of productivity, employees create their own workarounds, inadvertently increasing the attack surface and creating visibility gaps for IT teams. 

The reality is most IT management systems – whether traditional, hybrid or even modern – do not meet the needs of organisations and their employees in a hyper distributed workforce. And that’s just the beginning. 

The top seven challenges of end-user device management 

While end-user device management has always been an issue for both the users and IT teams, the remote evolution has exacerbated many of these challenges and limitations. 

My colleagues and I identified a view of the top seven: 

1. Employees suffering from unproductive devices rather than waiting for an IT resource to fix problems 

2. Increasing cybersecurity attacks on end-users 

3. Lack of visibility and control over remote devices accessing the corporate environment 

4. Increasing need for and shortage of specialist IT and security skills 

5. Skilled IT teams wasting time performing manual, repetitive and mundane tasks 

6. Increasing number and types of devices and operating systems to support 

7. The time and effort involved in managing and deploying multiple devices. 

So what can be done to address these challenges in the remote workforce? 

Picture it: A place where security meets a positive end-user experience 

The future of end-user device management must be one where security meets productivity. 

Uncompromising security can only be achieved if security controls are implemented in a way that is an enabler of both business productivity and an enriching user experience. 

While the challenges of remote work and increasing cybercrime have accelerated the need for change, achieving this future state has not proved to be an easy journey for many organisations. 

The good news is that getting there no longer requires an army of skilled experts, infrastructure overheads or big IT projects. 

The only thing it requires is a growth mindset that embraces moving quickly to the future state. 

Combating security challenges in the remote workforce with an SOE as a service 

With maturing cloud technologies and innovation in agentless device onboarding, it no longer makes sense to initiate a lengthy Standard Operating Environment (SOE) project that may or may not be successful.  

Building and managing a corporate SOE will not make any business more competitive. In fact, the opposite is now true for most organisations. The real opportunity is to leverage best-of-breed technologies that are expertly managed to provide a high-performance SOE as a service.  

In this approach, organisations subscribe to the solution, rather than own it. Read my article on infrastructure-as-a-service to learn more about this approach.