Building the secure foundation for today’s new normal

As the first weeks turn into months, the initial chaos provoked by the pandemic is now becoming a new normal. Disruption still reigns, yet employers are striving for continuity while keeping employees safe and as effective as they can be. From wherever they are able to work.

For many, the early days were about getting remote working rapidly rolled out, prioritizing what was essential to their business. The fact is that no one knows how long this state of uncertainty will continue. Being able to operate as effectively as possible is going to be critical to survive.

To do that, many are currently solving issues that have arisen as a result of those original decisions and policies.  From workforces faced with being their own onsite IT support, to networks wrestling with capacity as decentralized traffic assails them. And – last but not least – ensuring the security of this offsite reality. So, enterprises need to act to ensure they do not derail their initial efforts and cause further problems.

Tackling new challenges

Ultimately the aim has been to get people up and running and operational. But this is where there now has to be a change in focus. It is worth all businesses using this point in time to look at what they’ve rolled out and challenge themselves on whether it is truly secure. Whether you’re new to remote working or with well establish processes. Already, coronavirus-themed scams and attacks are starting to materialize, whether socially engineered to prey on uncertainty and worry with offers of secret cures or latest government updates, or capitalizing on the sudden increase in consumer-grade applications being deployed to facilitate collaboration and communication.

While basic cyber hygiene principles are hugely relevant, the fact is that it is easier to monitor employees’ security commitment when they’re on site, using company-provided devices. With some businesses having resorted to equipping staff with laptops bought from high-street retailers as offices shut, or quickly deploying bring your own device (BYOD) approaches, that visibility is no longer readily available.

Zero Trust

In an ideal world, this would not be an issue as most enterprises should be operating on a principle of zero trust. In that case nothing on the network or connected to business applications is trusted. So, if anything tries to access corporate services, it has to be verified before it can proceed. In order to do this without hampering productivity, employees need to be able to authenticate themselves and their devices quickly.

The fact is, however, that many organisations aren’t built to implement zero trust, and so fall back to an approach of ‘in-office’ good, ‘out-of-office’ bad. But that doesn’t work when everyone is now out of the office. Yet if they use previous approaches to security, that means that everyone is now also ‘bad’ and will struggle to get anything done. This means they need to look at how they can bring in a zero-trust model.

That’s having security at the forefront of the foundations they are laying, built in so that it provides full protection without hindering access or the ability to operate effectively. In doing so, organisations can not only set themselves for the new normal but mitigate against future disruption. However, to achieve that without restricting employees’ ability to do their jobs, employers need to have the visibility of all the approved devices and applications being used by their workforces.

Traffic controller

Businesses also need to rethink how they manage traffic on their networks. With decentralized devices trying to connect simultaneously to the same applications, networks that are not built for remote working are struggling. Certain applications and functions could be overloaded. Stories are emerging of IT helpdesks being overwhelmed as office employees are now faced with being their own IT support. With limited technical knowledge, they are using their employer’s helpdesks for often basic needs. This diverts staff from mission critical work to answer questions on why their home broadband isn’t working.

To stop this overwhelming resource, enterprises need to prioritizeby focusing on critical staff and their application. Just as they did in the early stages. Doing so means they can better control traffic on networks, to stop helpdesks being overwhelmed by non-critical requests. Whether that’s deploying a triage system with FAQs or protecting applications from users throttling performance with less urgent use.

Cloud to the rescue

Accessing compute resource and services is a big task. While businesses are getting people working from home, many workforces need to be supported further afield. As companies are rapidly scaling up how they service and support a fully remote workforce, they are adding more compute, and turning to cloud environments to support, even temporarily. This is where the possibilities of the cloud are. Cloud can provide support, by being able to deliver infrastructure, compute, applications, networking and security to where’s it needed.

With cloud, prioritizing means that the right applications and data can be deployed into relevant environments quickly. And harnessing the scale and burst of resource that businesses need now. It also means that they aren’t locked in – if the situation changes in a few months’ time, they can adapt their requirements accordingly without being tied to major infrastructure investments.

Additionally, with the need for speed and scale, procurement behaviours in both commercial and Government organisation have radically changed. Where once a bid to use services such as cloud in a business might have required several layers of decision-making, now organisations are adapting how they acquire new infrastructure quickly. For instance, where once certain types of data had to be kept in certain national locations, now there is an increasing understanding that they will allow certain data or apps to be in a data centre in another country.

Organizations know that to continue working, they need to be willing to adjust in order to get the needed resource. Whether it’s a small retailer that’s gone completely online and delivery only, a global bank trying to onboard thousands of employees remotely or a temporary hospital deploying new IT in a mobile facility. That means being able to define what they need to do to get their organization up and running.

The blueprint for the new normal

Today’s new normal is still fluid. But it should be about being prepared. Being able to mobilize rapidly should a second outbreak occur, and there will always be the time businesses need to get back to normal. Enterprises need to provide stability – for their customers, for their employees, and for their own ability to operate. That means putting in place the foundation, or platform, from which to operate in a secure, flexible and decisive manner. More is going to change in the coming months. But decisions made now can ensure that whatever lies ahead, enterprises are equipped to mitigate the impact on their organization.

Welcome to the (new) normal.


Leave a Reply

Your email address will not be published. Required fields are marked *