by Cody Lents, partner and change manager at COVI, Inc.
Has COVID-19 upended the way your organization approaches IT? You’re not alone. Global IT spending related to remote work is forecasted to hit $332.9 billion in 2021, as organizations reallocate spending to better support and secure a new/expanded remote-work environment.
In today’s world, IT budgets are shifting, and new strategies can help you stay ahead of the game. You can focus your budget on mission-critical IT efforts as the digital world makes remote environments more of a priority.
Reallocating the IT portfolio
In the past, companies have spent more money on hardware and server storage. But now, a transition towards cloud services is leading the way in budgets. Employees who work remotely often need to be outfitted with laptops and mobile devices rather than desktops and other hardware. Now, employees can work anywhere and still have access to everything they need.
BYOD (Bring Your Own Device) policy
If employees bring their own personal devices, like cell phones, tablets or computers, to work, how can you keep company data secure? Defining a ‘Security & Use Policy’ should be first. This helps balance employee freedom, app functionality, and ensures your organization is not at risk.
The ‘Security & Use Policy’ should include:
- Acceptable use. Define what applications and data employees are permitted to access on their personal devices and the expected process to do so. When should I access company files? How should I access them?
- Minimum security. Passwords should always be required. Are company security applications required to be installed? Can the company’s IT team remotely access the employee’s personal devices? Remotely run scripts in the background? Who is responsible for system updates?
- A plan for broken, lost or stolen devices. Companies should reserve the rights for altering devices or wiping them clean in the case that they are lost or stolen. But who is responsible for day-to-day support if the device malfunctions? The company? The employee? And at the end of the day, who pays the bill for support?
- Ownership plan. The policy should say who owns the device, the data, and the digital environment (think Windows or MacOS) and support responsibilities. Typically, the most difficult question is how to segment personal data from company data and confirm we aren’t invading our employee’s privacy by backing up their personal data to the company’s backup infrastructure.
- Usability plan. The policy should outline required hardware and software specifications and expected turnaround times for device failure or other disruptive IT problems.
Another item to consider is ‘Mobile Device Management,’ which includes the option to secure and integrate devices across the network — allowing your organization the option to manage those devices in one place.
Lastly, ask your insurance agent how this workplace evolution impacts your cyber insurance policy. And, if you don’t have one, it’s time to bite the bullet and get insured.
To remain proactive and in control, we recommend immediately moving to cloud solutions, and integrating multi-factor authentication (MFA), SaaS backups, and Advanced Threat Protection (ATP). Allocate budget towards investing in cybersecurity. Cyber criminals are sophisticated, and new technology allows for new ways to block criminal activity.
Lastly, make sure your back-up and recovery system are redundant, so that data won’t be lost. As the world of IT advances, be sure you are up on the latest best practices.
If you need assistance implementing a hybrid-work approach for your organization, you can reach out to COVI at firstname.lastname@example.org to see if an assessment makes sense. COVI is an Information Technology (IT) agency specializing in productivity, security, support and strategy services, located in Indianapolis, Indiana.