As remote work becomes a long-term proposition for organizations large and small alike, the onus is on C-suite executives to develop a coherent strategy to provide IT infrastructure solutions for employees to access company resources and communicate with their teams, all while reducing end-point vulnerabilities.
The ideal leader for a cross-functional transformation project is at the connection point between IT and business needs. Job titles, backgrounds and reporting lines vary, but the ideal type of individual is strategic, semi-technical and highly collaborative.
Antonio Vázquez, CIO of process automation provider Bizagi, said usually executives that fall under this umbrella are the CIO, CEO and the head of human resources (HR).
“While the people-side of remote work often falls within the responsibilities of the HR department, the ability to drive change in technology and operations is key, and that may not be a significant skill set within HR teams today,” he said. “Equally, IT leaders may not have the insight they need to determine where the operational challenges lie across the business and could benefit from working with a partner in order to identify the most important opportunities.”
The Digital Shift
He pointed out the rapid shift to completely digital work processes in the past two years demanded CIOs to take on multiple new responsibilities.
“The nature of work underwent a digital eclipse and CIOs became the first stop when strategizing the business decisions where the survival of their organizations was contingent upon success,” Vázquez said.
He explained that, moving forward, CIOs will continue to play a larger role in the C-suite’s executive decision-making process, especially when it comes to remote work strategy.
They will continue to help technology and business leads communicate with one another to understand the value innovation adds to a business.
“Instead of being siloed and focused on only technology, a broadened lens sees benefits from both initiatives,” he said. “C-suite executives will be expected to lead with this approach moving forward.”
Tim Taylor CFO at FM:Systems, an integrated workspace management software provider, added that the entire C-suite has to be on the same page when it comes to remote work, including the chief technology officer (CTO), chief financial officer and chief strategy officer (CSO), as well as the HR team.
“Remote work is here to stay, so companies have to get on board for jobs that can be done remotely, and figure out how to allow that,” he said. “We’re working across our entire senior leadership team right now to define the changes to our remote work policies.”
The Importance of Disconnecting
He explained the company also has a responsibility to help employees disconnect, and set boundaries for when work stops.
“It’s harder to draw those lines of when work starts and stops, so we are looking at things we can do to define when sending emails and scheduling meetings is not acceptable,” he said. “We need to define periods where everyone knows it’s ok to be offline.”
Taylor pointed out the entire leadership team also must ensure a remote work or hybrid work policy evolves.
“The days of setting a policy and sticking to it are done,” he said. “This is relatively new—we went from maybe 5 percent of our staff working remotely to something like 70 percent working from home. That’s a huge leap and everyone is learning at the same time.”
Security should also play a central role in an organization’s mature remote work strategy.
Because remote work increases the threat landscape, CTOs and chief information security officers (CISOs) need to rethink their traditional network security model to ensure that not only is every endpoint covered, but that employees use the technology correctly to protect against hackers.
Timur Kovalev, CTO at Untangle, a provider of network security for SMBs, said remote and hybrid workers add to the human element of leaving room to make unintentional mistakes.
“With employees and their devices no longer safe behind an office firewall, remote workers often turned VPNs off, and cybercriminals saw an opportunity to target home workers with phishing schemes and other hacks,” he explained. “Companies will need to create plans and new safety protocols to keep their networks and distributed workforce safe.”
That includes when employees do come into the office; security teams will need to be diligent to prevent them from bringing threats back to the office such as malware that is hiding in their laptops, waiting to move onto the corporate network.
He pointed out employees may have also added unknown software and applications to help them while working from home; while helpful at home, they could prove dubious once on the network.
In addition, Kovalev said IT teams should audit devices to ensure that all applications have been updated and/or patched as staff may have been lax on this while working from home.
Other best practices include conducting an employee access review of who has access to what information and whether they really need it.
“It’s much safer to take a zero-trust approach of denying access to everything, unless it’s specifically needed and specific access is given,” he said. “Organizations also must provide clear communication to employees of new protocols and steps to follow upon returning to the office.”
This means each employee should update their login credentials, using strong password combinations and two-factor authentication where available.
Kovalev said another important issue to tackle is review of applications, noting companies have worked hard to meet employees’ needs during the big shift to remote work.
“Rules may have been relaxed in terms of web filtering and application control while employees were working at home during these challenging times,” he said. “Now that remote work will continue, those leniencies should be rolled back and standard company policies regarding device usage should be enforced.”
Vázquez pointed out organizations have finally found some stability in remote work after months of uncertainty and disconnect.
“During all of the changes, IT teams have led the charge, ensuring teams had the tools they needed to do business as usual from the comfort of their homes,” he said, but added that one year later, IT teams have reached a breaking point.
This means executives and stakeholders need to ensure that the remote work plans they’ve implemented benefit employees, but also ensure employees aren’t being overworked, or overstretched beyond their required role.
“Focusing on employees’ wellbeing will be crucial in 2022 as we are all healing and finally getting back to a ‘normal’ workflow, even if it is from the comfort of our own homes,” Vázquez said.