How COVID-19 has made us rethink our IT teams | IT Governance


As organisations start to consider life after COVID-19, they’ll realise that it’s not as simple as putting everything back the way it was in the Before Times.

That ship has sailed. There have simply been too many benefits to remote working for organisations to demand a return to office life on a full-time basis.

Indeed, a Gartner survey found that 47% of organisations will give employees the choice of working remotely full-time once the pandemic is over, and 82% said employees can work from home at least one day a week.

But can organisations afford to continue as they are after all lockdown restrictions have eased?

At the start of the pandemic, there was a tacit understanding among organisations that these were exceptional circumstances and processes naturally wouldn’t be ideal.

It resulted in ad hoc solutions and IT teams offering more lenience with security protocols, given the lack of alternatives.

Employees were allowed to use their personal devices for work, third-party software such as Zoom – the use of which may have raised eyebrows – was universally adopted, and employers were forced to trust that employees were acting responsibly without supervision.

Now that it’s clear that remote working isn’t a makeshift solution but a permanent way of working, organisations have time to review these practices and find a more suitable arrangement.

In this blog, we look at three things your IT team should consider as you transition away from COVID-19 restrictions and back into business as usual.

1. Employees using personal equipment

In an office environment, IT administrators have complete control over your organisation’s Internet channels. But when employees work from home, you are reliant on the security of their routers and networks.

Whereas you may have once been able to block traffic from suspicious sites, that may no longer be possible – particular if employees are also using their personal devices.

A Kaspersky study found that 49% of respondents didn’t receive a work-issued laptop or computer at the start of the pandemic. Even among those that did, many still used their personal devices some or all of the time.

The survey also found that many employees used company devices for unintended purposes. For example, 61% of respondents admitted that they downloaded software from torrent sites, and 18% viewed adult content.

These are risks that IT teams must address in the coming months. Employees wouldn’t view or download inappropriate material in the office – either because the sites are blocked or because they know that their activity will be monitored and reported.

These solutions are both available for remote workers and should be considered.

Although there are concerns about the use of employee monitoring software – with more than half of the respondents to a TUC (Trade Union Committee) study saying that the introduction of such software damages the trust between workers and employers – there are huge benefits if it’s used responsibly.


You can find more tips on how to work from home safely and securely by taking a look at our new infographic.

This guide explains five of the most significant risks you and your organisation face during the coronavirus crisis.


2. Training staff on their responsibilities

According to Kaspersky, one month into the pandemic, only 27% of employees had received training on cyber security risks.

This is something IT teams should be urging organisations to correct, because there is only so much they can do to protect vital systems. The team can fortify firewalls and equip antivirus software on work computers, but those defences rely on employees practising good security habits.

If an employee uses a weak password, for example, if doesn’t matter how strong your firewalls are; a cyber criminal can brute force their way into their account and compromise sensitive information.

Technological solutions must work together with the way staff use that technology. Chances are, your organisation will be using more technology in a remote work environment, so you must make sure comprehensive training is provided.

3. Video conferencing software

Arguably the biggest disruption to work caused by COVID-19 is the way that colleagues work alongside each other on projects.

It’s no longer simply the case of gathering in the meeting room to discuss ideas or heading over to someone’s desk; communication is now mediated through video conferencing software.

That’s resulted not only in less productive meetings but it’s also introduced security weaknesses. Last year, a vulnerability was detected in Microsoft Teams that had enabled attackers to gain access to organisation’s accounts.

And, of course, there is Zoom, which was subject to in-depth criticism over its security flaws – from suggestions that users’ information was being fed to the Chinese government to features that allowed meeting hosts to spy on participants’ activities.

We may have come to terms with the difficulties regarding productivity when it comes virtual meetings, but IT teams must remain alert over security issues. That means applying updates as soon as they are released and developing plans in case the technology fails.

Recognise, respond, recover

It’s been rough sailing for organisations in the past year or so, and the challenges faced by IT teams during the pandemic is just one part of that.

There has been – and still is – disruption caused by Brexit, increasing public awareness of data privacy and growing regulatory pressure around data protection.

If you’re looking for help navigating these risks, IT Governance is here to help. We offer a range of data protection and cyber security training, tools, software and consultancy services – all of which can be delivered remotely.

And if there’s one lesson we’d urge organisations to learn, it’s that data breaches are unavoidable but the devastating after-effects aren’t. Those that plan for disaster alongside preventative measures are much better equipped to handle disruption and get back to business.

Those looking for help doing that should take a look at our Cyber Incident Response service. It’s the ideal solution for anyone trying to recover from a data breach or cyber attack, as our experts guide you through the recovery process.

They’ll review the breach, mitigate the damage and ensure that you are up and running again as soon as possible.




Source link