Gadget

Hybrid work has become a compliance issue

The last two years have seen an unexpected evolution in the way that we work. In the face of massive change and disruption, we rallied to provide quick fixes to keep the lights on, and keep industry moving.

Now we have the opportunity to take those quick fixes and turn them into permanent solutions for the modern, distributed workforce.

But organisations are up against a challenge, and they need the expertise, experience and objectivity of technology, industry and solutions partners to meet it. The challenge? 68% of businesses still have no detailed vision or plan in place to realize a hybrid future, according to McKinsey. While there is recognition at a strategic level that hybrid working is the future, translating that into action requires the help of IT teams and the support and expertise of trusted partners.

“It’s not an easy transition, either,” says Ludi Nel, cloud lead at iSphere Cloud. “Other than the massive change in corporate work structure to a hybrid environment, there is also the increasing pressure for companies on the compliance front. 

“The complete decentralisation of workloads to the cloud and the workforce to the home and BYOD has put extra pressure on organizations to ensure that they have a holistic view and control of all these endpoints in their organization and to ensure they meet the growing compliance pressures. The biggest concern for clients moving workloads to the cloud is security. Our experience is that although a focus on security in the cloud is valid, the largest single risk to even these environments are the endpoints in the customer environment and the lack of oversight.”

Areas such as security and bringing it back in line with corporate, national and international requirements need to be addressed. But rather than go down the traditional route of locking everything down or pursuing perimeter-based security models, they need to provide a secure, frictionless, productive, user-led experience required for a successful hybrid work environment. It’s the great balancing act of the new era of work, and where partners can provide value.

Businesses are increasingly looking to skilled partners to help them bridge that gap between anywhere working, security and user experience, and show how all three can be achieved without compromise.

How? Let’s start with security, as that is really where the biggest barrier lies.

Start with security, end with user experience

When speaking to IT buyers, leading with the traditionally HR-based argument of why a user-first experience needs to be front and centre no longer works. It’s simply not at the top of the priority list of IT teams. While it might sound contradictory, my advice is for partners to lead with the security conversation if they want to help customers improve the user experience.

This strong focus on security is, in part, a hangover from the beginning of the pandemic when security policies were relaxed to get employees up and running at home. Partners are well-placed to help ensure customers don’t continue to follow the perimeter-based approach to security, and instead put in place the more modern zero-trust model.

Adopting a zero-trust framework will also help IT teams fix the user experience. How? It works on the understanding that today’s digital workspace no longer has perimeters, with endpoints, workstyles and applications situated everywhere. Rather than taking the traditional approach to implicitly trust anyone inside the network, zero-trust never automatically trusts anything inside or outside a company’s ecosystem, requiring verification of trust prior to allowing application access. Continuous verification of endpoint compliance and conditional access to applications reduces the attack surface but in a way that empowers employees to use the applications and devices they need to do their job, not put in place constant barriers for which they will inevitably find workarounds.

In helping customers modernize their security, partners can therefore advise businesses on how they can exert a better level of control in their IT, whilst also delivering the user experience employees now expect – setting them up for change now and in the future.

Think long term

Talking of the future, partners’ ability to look at a company as a whole, be objective and provide expertise that companies may not have in-house, means that they are well-positioned to help customers embed longer-term solutions to replace the quick fixes made at the start of the crisis. Employees are starting to uncover and be more vocal about poor user experiences and are expecting employers to respond.

These poor user experiences are being driven by issues such as VDI not provisioned correctly and continued heavy reliance on VPNs. As they lost line of sight of employees, many employers also scrambled for ways to monitor their work, with 70% of businesses turning to surveillance tools to monitor staff. But, 41% of companies who are currently in the process of implementing device monitoring are seeing “drastically increased” or “increased” employee turnover.  Rather than going down the surveillance route, companies should be working with partners and employees to understand where monitoring can be helpful, where it crosses a line and most importantly, how it can support better productivity and performance.

This is where partners can provide real value, says Johann Haefele, compliance officer at Epi-Use Labs: “As a cloud hosting and managed services provider, it’s all about managing risk and knowing who or what is connected to your infrastructure and clients’ networks. Mobile device management tools give you the oversight to quickly see if someone is not compliant and or compromised and allows you to take immediate action. As a financial managed services partner, we have a vast amount of consultants working in multiple corporate environments.” 

On a longer-term level, the partners’ role is to help customers better understand their current IT estate and the type of experiences the business offers to staff to help retain talent.  With everything going on in the world at the moment, data security and privacy must be at the forefront. We need to enable our staff to identify threats, manage risks and report any irregularities, whilst also giving our clients the assurance that we will provide quality products and services focused on security best practices. Transparency is a key factor in building trust and enabling staff to understand what is expected.

Staff are demanding answers from IT that they had never previously asked. Questions such as: are you using VPN? Do you have SaaS apps? Do you allow BYOD? Are you transparent in the way you monitor staff? IT teams in turn are asking their own questions of staff: are you able to access the applications you need to do your job? Do you ever find yourself bypassing security protocol to save time? Can you collaborate easily with other team members?

Being part of these conversations will not only give partners insight into where the challenges exist, but also encourage customers to consider issues they may be blind to or putting to the bottom of the pile.

Mix up measurement

Customers are crying out for these conversations, and we’re seeing that reflected in the increasing inclusion of Experience Level Agreements (XLAs) in RFIs for partners. Traditional SLAs ensure that a box is ticked, but that isn’t enough anymore. An application may be working, but users are still complaining about a bad experience. Including XLAs means customers can ensure the experience holds as much importance as the technical back-end.

It’s in the interest of partners, then, to help customers put in place ways of measuring experience as well as technical performance.

Small, targeted surveys that focus on the IT experience are one way to do this, with dedicated questions around monitoring to improve experiences, for instance. This will help aid greater transparency and if undertaken regularly, will give the business almost real-time insights into where problems may exist. Insights such as a quarter of employees (24%) not knowing whether their organization has implemented device monitoring systems on their devices to monitor their productivity, to identify one example. Having this knowledge encourages IT teams to build in more information about how monitoring is being done into IT provision, if at all, and give employees the option to opt-out.

Driving an experience-led culture

In this phase of purposeful disruption, partners play two roles. Firstly, the role of technical expert to help put in place the foundations for delivering the full capabilities needed to support the new era of hybrid working. Foundations such as zero-trust security which will help solve the security puzzle and deliver the kinds of experiences that employees now expect.

Secondly, the experience expert. Employees are demanding change, and customers need partners to be their eyes, ears and helping pair of hands to understand what will enable employees to do their jobs wherever they are, in whatever way works best for them.

Together, these two roles will help customers create solid, achievable plans for delivering a successful future for hybrid work. 

Exit mobile version