Decentralised IT Archives

Cybersecurity, Data Centre, Endpoint security, Hybrid Working, IaaS, Public Cloud, Remote Working, SDDC

How to secure the hybrid workforce

Following on from my blog ‘The Future is Hybrid’, this blog looks at securing the hybrid workforce. During 2020 many organisations raced to deliver remote working for their workforce, often at the expense of a level of security, that would have previously been unacceptable. Now that the dust has settled and many organisations have managed their risk in terms of remote working and multiple end point devices, it’s time to look at some of the specific technologies that can enable secure hybrid working as part of an overall hybrid working strategy.

About the Author

Melusi Phiri is a Senior Account Manager, helping clients of all sizes, across sectors to find and make best use of technology. Melusi can advise on the full technology stack, including cloud, application modernisation, security, networking and remote working solutions.

Decentralised security as a concept

When securing the hybrid workforce, an increasing number of organisations who have already adopted a cloud strategy are now moving toward a decentralised storage strategy that provides multiple user access, whilst offering potentially greater data security and business continuity. In this instance, data is essentially stored on 80 different nodes, but only 30 are needed to reconstitute that data, making the attack surface much less susceptible to cyber-attack and other related outages. The huge increase in demand for remote working over the last year has accelerated the move towards a decentralised cloud storage strategy in general. This kind of storage can offer benefits such as reduced cost, improved reliability, improved up-time and of course increased security.

Endpoint security

The realities of hybrid working and working from home, have presented organisations with a whole host of security issues. Endpoint security is a solution which is deployed on the user’s device (endpoint), which will prevent file-based malware as well as detecting and blocking malicious activity from trusted and untrusted applications. It can also identify and resolve security incidents and alerts. Responding to the most recent forms of ransomware attacks, the latest generation of endpoint security deals with fileless malware which exploits native processes to initiate the attack.

Citrix Share File is one example of a virtual data room product, which is equipped with a multi-level security system: the data is encrypted (the documents contain dynamic watermarks that prevent unauthorised dissemination) and access is only allowed via a two-step verification.

Access Security – Identify and Access Management (IAM)

Identity and Access Management (IAM) solutions administer user identities and control access to an organisation’s resources. It achieves this authentication through a single sign-on, making it user friendly; once the user is signed on, they can only access those areas that they have been given permission to do so via a user profile which is set centrally. An IAM system can track user activity and can detect any suspicious activity, communication or issues that might otherwise be missed. When on-boarding new employees, the profile can be quickly and easily set, so that the process is seamless. Ultimately this kind of access management can assist an organisation to meet industry compliance requirements.

Secure file sharing

Within an organisations the volume of data shared daily is significant and making sure it is kept secure, but easy to access, can be an onerous task. When considering hybrid working and the potential of multiple devices being used in multiple locations, this task is made even more difficult. Also, given the collaborative nature of data centric activities, files may need to be made available to users outside of the organisation, adding further layers of risk.

Often, when data needs to be shared quickly, business users often turn to consumer file sharing platforms, which will not meet corporate security and compliance mandates.

To offer an enterprise grade alternative to consumer based and email attachment files sharing options, there are a number of solutions on the market that provide the required level of security and accessibility. Below are just a few examples:

Virtual Data Rooms: providing an organisation with the ability to setup file share and synchronised services for their users easily and securely, offering a real alternative to large file sharing such as FTP. As the name suggests, a virtual data room is an online database where organisations can store and share confidential information. Traditionally these have been used to store the most confidential of information.

SharePoint: Probably one of the most recognisable data sharing products, Microsoft’s SharePoint offers a multitude of features combined with an excellent a level of ease of use that many other products find hard to compete with. Often combined with 365, it is sold as a document management and storage system.

Box: Very similar to SharePoint is Box, competing directly with Microsoft. It’s ease of use/setup, cost, and no requirement to use any of its other software set it apart from SharePoint.

Best Practice

Securing the hybrid workforce requires careful consideration of what technology is put in place and I have covered this many times before. However, a major cause of data breach is human error. The importance of employees understanding what behaviour is appropriate in terms of IT security is imperative, for any organisation, regardless of what technology is put in place to guard. Indeed, overzealous security measures can often take away that responsibility from the employee and impact by making processes a real chore – possibly putting the organisation at further risk by people trying to circumnavigate security for ease of use. By promoting ongoing awareness and best practice training, an organisation stands the best chance of avoiding data breaches.

Some areas to explore when encouraging a culture of security and best practice include:

Password Hygiene: enforce password changes on a regular basis and consider multi factor authentication; both are ways of adding security to your organisation’s data.

Email security: A massive growth area for phishing attacks in the last year; email best practice is an important part of the organisation’s security strategy. Comprehensive user training in being able to spot the various techniques employed by scammers via email. For the most sensitive of data, encryption apps should be considered, disguising information from potential hackers.

Endpoint devices: Equipping your workforce with the appropriate tools to do their work should be a key requirement for any organisation, ensuring that they are able to enforce restrictions for website, downloadable content, or applications; adding another layer of security. In addition, centralised software and antivirus updates can be rolled out remotely. It is key that considerations regarding the type of device and indeed the software upon it, are aiming to facilitate the user to do their job, rather than hinder them. This pre-empts employees either avoiding the device altogether or installing ‘Shadow IT’ where a better, none approved application is downloaded and used as it serves them better, ultimately putting security at risk.

The work environment: As well as making sure that your workforce has the right tools to do their work when working away from the office, it is important to make sure that they consider regular router password changes and multifactor authentication when logging on.

If, after reading this blog, you feel that it might be the right time to look more closely at how you are securing the hybrid workforce, having a partner who can help guide you through will be invaluable. Pendulum offers support and expertise to help you get the most out of your organisation’s infrastructure.

Please read my blog ‘building resilience in a hybrid workforce’, where I outline best practices around disaster recovery, business continuity and building in resilience into processes.

Pendulum is a leading IT company providing services, hardware, and software across the UK and internationally. For further information on securing the hybrid workforce or any other technology related issue, please contact me at mphiri@pendulum-it.com

About Us

Pendulum is a leading IT company providing services, hardware and software across the UK and internationally. For further information on remote working, public cloud hyperscalers, cybersecurity, modernising the data centre, HCI or any other area please contact your account manager or email info@pendulum-it.com

Hybrid Working, Identity and Access Management, Remote Working, SD-WAN

Driving business continuity and resilience in a hybrid working environment

With more and more organisations moving to a hybrid workforce model, the need to consider and reframe approaches to business continuity is key. The metrics of business continuity don’t change or become less important, but the approach needs to be more expansive, taking into account that IT must empower a workforce where location, access requirements and remote collaboration demands are more dynamic than ever before.

Business Continuity and Resilience

There is no doubt that a hybrid workforce can enhance an organisation’s business continuity, as it will allow the workforce to work anywhere at any time of day, without the restrictions of an office-based environment. It also makes it easier to recruit talent, where geographic and lifestyle restriction had previously caused limitations. Disruptions are minimised, once the workforce has the equipment and infrastructure to be able to work remotely, allowing them to respond to events immediately.

How best to achieve a robust business continuity strategy in this new hybrid workforce world is a key challenge and will vary from organisation to organisation. However, there are several key elements that will give your organisation the best chance of success. These include:

Strategy: Having a clear and concise business continuity strategy in place is critical to ensuring that when an emergency happens, your workforce isn’t wondering who’s responsible for what, and exactly what their role is in it all. Especially relevant as your workforce are likely to be away from the office and confusion is likely to reign if there isn’t a clear and consistent strategy. This strategy also needs to extend outside the organisation, to throughout its supply chain, making sure key suppliers and indeed clients are also considered and involved. Finally, an annual review is essential to make sure that the strategy is still relevant to the organisation and the market it operates within.

Adaptability: Agility to address the dynamic environment of the new workplace. Changes are inevitable; however, it is not always obvious what these will be, having the agility to move with those changes is key. Keep it simple, so when you adapt, you are not adding complexity and thereby instability.

Connectivity: Through a needs analysis, you must know who needs to be connected and at what level. Connectivity has to be seamless, remember this needs to aid productivity. This is likely to be one of your biggest challenges alongside data security.

Collaboration: The workforce must have efficient access to all applications, data and tools they need to do their job effectively and collaboratively, at any time, regardless of location.

Security: Threats are more sophisticated, attack surfaces are increasing, and people are likely to be working from home, without proper training in basic cybersecurity hygiene. IT needs to address these challenges, with security built in at every stage; implementing this early on is both vital and cost-effective.

About the Author

Reframing your approach

When an organisation decides to adopt a hybrid working model, it needs to consider what is required to enable it to do so. One of the first things to do is to perform a requirements analysis; organisations need to understand which services are needed by their workforce. The following covers key areas to consider:

Network Capacity: There needs to be sufficient internet bandwidth to handle the increased WAN traffic that occurs when a high volume of employees accesses the network, in particular for voice and video communications. To add to this, firewalls, VPNs and other remote access related technologies will be in greater demand as the workforce starts accessing the network from outside of the corporate headquarters.

Security Monitoring: To guard against the possibility of malicious attacks, robust training of the workforce needs to take place, along with an ongoing awareness programme, to ensure that data security is at the forefront of everybody’s minds.

Identity and Access Management: To further protect the organisation from unwanted infiltration, investing in IAM solutions able to control access to the organisation’s resources, is a must. The advantage of being able to track and detect suspicious activity is invaluable, along with the ability to onboard new employees and create profiles; all are essential for staying operational in a hybrid workforce environment.

WAN Security: Secure remote access will need to be in place for all devices needing to connect to the network. Whether you choose VPN or SD-WAN, either will offer controlled access and additional benefits, depending on which you opt for. It is worth considering a separate private network for remote access, rather than office based, as a security measure to limit possible cyberattacks? See my colleague Jeff’s blog, “The Future of Work – Post Pandemic”.

Collaborative Tools: Effective collaborative tools become essential with a hybrid workforce; making sure that teams continue to work effectively together using the right tools is imperative. Further detail about collaborative tools is available in my blog, “The Future is Hybrid”.

Remote Working Policy: A remote working policy is essential to managing remote workers. Including how functions can be completed from home, availability of the IT support team, what is expected regarding output when working from home including deadlines and goals, clearly defined channels of communication. These policies should also include cybersecurity, define roles and responsibilities of all staff addressing, as a minimum, email encryption, remote access, password creation and security, social media practices and device usage.

Revisit Your Disaster Recovery and Backup Plans

When considering the suitability of your existing disaster recovery plan, tactically, one of the first actions to take when you’re making ready to support a remote workforce, is to evaluate the solutions that already in place. Things to consider:

What technology tools are already in-place?
Are you making best use of their full capabilities?
Are there features or services that you need that aren’t available?

Identifying what you have to work with, and where the gaps that you need to fill are, allows you develop a roadmap for a way forward. Solutions across the business resiliency range should be considered, from backing up data on remote mobile devices, to the ability to quickly deploy disaster recovery tools if there’s a catastrophic event. Surveying what you have and what you need in terms of backups, disaster recovery, and disaster prevention, can help you evaluate your remote readiness and develop an implementation, technology, and services strategy that you can roll out quickly.

Cloud-Based Backup Across Endpoints

The integrity of your business data is critical and the cornerstone of successful operations. Backups are imperative, and not just for your applications and central data centres. Workers, especially those working remotely, may be saving files to their local computer that are crucial to the business. Are your employees working remotely on company equipment or has ‘working from home’ accelerated a bring your own device (BYOD) program? Each of these scenarios introduces unique challenges.

Cloud-based backup solutions can regularly (as in hourly, or daily) send data from laptops and mobile devices to the cloud. Should a device failure or other issue occur, you’ll have the latest information to work from. Another consideration may be using a file sharing solution; having all files saved to a centralised set of folders. Your team can then access the information they need (provided they have the right credentials) from any connected device, eliminating delays while you troubleshoot specific devices.

Address Network and Power Contingencies

If your employees are using their existing broadband connection and VPN to connect to your data centre and applications, it’s important to think about what you’ll do if that connection is taken offline. Consider what will happen if a storm damages cables and it takes a couple business days to get back online. Connecting via a local business, such as a coffee shop that offers free Wi-Fi is one option, but it can introduce unnecessary security risks (not to mention health risks in our current climate). Consider looking at investing in a failover connection or a simple solution such as mobile hotspot (which can be an individual device, or an add-on feature to your team’s smartphone plans).

It’s also helpful to think about what your employees should do if they lose power. Many offices have generators or other contingency plans, but home offices are often at the mercy of the power company to get back online. Increasingly, organisations are looking at portable solutions such as an Uninterruptible Power Supply (UPS) or a power block. These can offer several hours of reliable power to business-essential devices if the grid goes down.

Consider Disaster Recovery as a Service (DRaaS)

The reality for many organisations is that their busy IT teams are already trying to manage an unprecedented volume of digital needs, from increased digital delivery for customers, to the challenges that naturally arise when employees work remotely. Now may be the right time to consider Disaster Recovery as a Service (DRaaS) to strengthen your remote backup and resiliency capabilities. With a managed services solution, experienced disaster recovery IT specialists will work with you to determine your specific needs, configure solutions, and ensure that your backups and other related software are running smoothly across the network. If a disaster occurs, such as a breach or a natural event, key applications may be taken off-line, or critical data jeopardised.

DRaaS provides the technology and services needed to shift your disaster recovery and business continuity efforts into a larger resiliency planning conversation. This can provide the natural jumping off point for how to optimize for new situations, such as a high volume of remote workers.

If your organisation is considering making the move toward a permanent hybrid working model, having a partner who can help guide you through your plans for business continuity and disaster recovery, will be invaluable for making the right decisions. Pendulum offer support and expertise to help you get the most out of your organisation’s infrastructure, wherever that may be.

Pendulum is a leading IT company providing services, hardware and software across the UK and internationally. For further information on remote working solutions or any other area please contact me at mphiri@pendulum-it.com

About Us

Cybersecurity, Data Centre, Hybrid Working, IaaS, Public Cloud, Remote Working, SDDC

The future of work is hybrid – but how do IT Teams best support hybrid working?

What does the hybrid workforce need from a technology perspective?

Events in 2020 have probably changed the way we work forever, forcing organisations to embrace technological change at pace, often without the usual timeliness, due diligence etc that would normally be applied. There’s been a revolution, forced by necessity, but hopefully it has allowed many to take a long-term view on how they do business for the future, realising the many benefits afforded by a digital strategy that embraces cloud technology. Also, business has had to assess how that impacts attitudes to employees; how they work and most importantly where they work from.

A lot has been written about how business has adapted and changed in the face of drastic restrictions; the growth in hybrid versions of previous business models, that embraces digital cloud infrastructure. Most businesses acknowledge that it is unlikely that we will ever fully return to a pre pandemic way of working.

The future, we feel, is indeed hybrid. I would like to take the opportunity, over a series of blogs, to look at what this might look like in terms of the technology and equally significantly, the workforce. How do IT Teams best support hybrid working? It is important to remember that the technology is only part of the shift to hybrid working, the workforce itself also needs to adapt and change, looking at the cultural shift which is, and will be, significant for some time to come.

About the Author

Cloud Technology

Making the move away from a traditional on-prem data centre infrastructure is one of the most significant decisions for an organisation to make. The benefits the move to the cloud brings are numerous; leaving behind heavy capital expenditure, large, hard to recruit teams of skilled workforce as well as managing the pending obsolescence of expensive kit.

The following benefits evidence why more and more enterprises are making the move to cloud infrastructure, either wholly or, as a hybrid version. These include:

Flexible and Scalable – Cloud infrastructure is able to scale on demand, allowing the enterprise to be agile in both times of high and low demand. Storage options can be easily configured, including a hybrid version, making use of existing on-prem services depending on security and regulatory requirements. The current three leading cloud service providers offer a high availability of storage, removing the issue of investing in more on-prem physical storage.

Enterprises are able to easily determine their own level of control with a wide range of as-a-service options, starting with Infrastructure-as-a-service (IaaS) which provides users with access to computing resources such as storage, networking and servers on demand. This service also offers the benefit of virtualisation of administrative tasks, freeing up resources for other work.

Continuing on with the as-a-service model, enterprises are able to stack services, including Platform-as-a-service (PaaS). Enterprises can test, develop and host applications, PaaS enables a focus on development without the worry of underlying infrastructure provision. Importantly, it also facilitates collaborative work including remote and hybrid working teams.

Staying with remote working, Software-as-a-service and Desktop-as-a-Service are both tools adopted by IT Teams to support a hybrid working environment. They are no longer bound by their own network infrastructure, have minimal setup and can avoid platform compatibility issues.

Storage

Cloud storage reduces an enterprise’s expenditure by providing data storage on remote servers, where it is maintained, managed, backed-up and accessed remotely. Importantly, it also allows that data to be accessed remotely, providing the permissions are all in place.

Decentralised IT (Multi Cloud Strategy)

Many organisations, in addition to moving to cloud based infrastructure, are moving further away from a single on-prem data centre and decentralising by using a number of cloud providers rather than relying on one. This multi cloud strategy allows the enterprise to choose the provider for its strengths rather than accepting its weaknesses. Greater flexibility and agility are achieved by spreading risk, taking advantage of a specific cloud provider’s strengths and competitive pricing.

Connectivity

As enterprises move to a hybrid working model, IT Teams are finding that a high performance, secure and agile wide area network (WAN) solution is paramount. Two network solutions that will offer users secure access are Virtual Private Network (VPN) and Software-defined-wide-area-network (SD-WAN).

A VPN, being the most established technology of the two, is an internet-based network, which allows users to turn a public connection to a private one. When connected to the VPN, it offers protection against surveillance or tracking. The user’s data is transferred to its intended destination by a network of servers that the VPN maintains, rather than the user’s internet service provider. The VPN encrypts the data, preventing it from being read by any unauthorised access.

SD-WAN, on the other hand, connects organisations via a number of transport media, such as broadband internet, LTE, 4G or MPLS. Its technology is able to separate different types of data traffic, based on security, authority and quality of service. This technology doesn’t use a traditional router, instead using the cloud exclusively, giving flexibility and bandwidth capabilities.

Which is best for your organisation, depends on business needs; both offer unique benefits. The key difference between the two is the software defining technology of SD-WAN.

In terms of cost, a VPN comes out as being the most affordable, in part through its simplicity, making it great for low site count organisations. However, as the question of maintenance comes up, a VPN requires more of it, and indeed the expertise to facilitate it, and this will increase in complexity should more sites be added to the organisations WAN.

In overall performance, SD-WAN takes the prize, VPNs suffer greater latency, due to distance between sites, with increases in demand effecting overall performance. Whereas SD-WAN offers dynamic path selection quality of service and application aware routing. As for latency, being cloud based, SD-WAN suffers no latency due to geographic distances. Reliability is good for both options, however, the failover security features of SD-WAN excel, automatically fixing outage problems by transferring connection to another network.

Access – Digital Workspaces or Remote Access Solutions

A significant challenge to enterprises that have already gone down the remote working route is in achieving an excellent user experience and productivity rates, whilst maintaining infrastructure visibility and security.

With the workforce no longer under one roof, so to speak, coupled with a multitude of devices being used to access data, it can quickly become an onerous task and one which is fraught with security issues and a real lack of visibility. Creating a digital workspace, is necessary – a connected workplace solution, which provides a familiar work environment that pretty much works any device. This also allows users to access their work applications and data via a single entry point rather than multiple sign-ins.

Citrix Workspace ONE is one such solution, providing a unified digital workspace for all employees, regardless of their location or platform. Combined with a secure internet connection, this kind of solution will achieve a much-improved workforce experience, higher productivity, increased IT visibility and a high level of security.

What is a Digital Workspace?

Putting it simply, a digital workspace allows an organisation’s employees access to apps and real-time data on any device, from any location, regardless of whether that information is stored in a traditional data centre, or on the cloud. Digital workspaces are integrated technology frameworks, designed to deliver and manage app, data and desktop functions. But digital workspaces are much more than remote access solutions, they are value-added, providing:

• A level of collaboration, where teams connect much easier and faster, sharing data and files more than previously done, regardless of their physical location.
• Security has also benefitted massively through digital workspace and zero-trust security, where an organisation shouldn’t trust anything inside or outside of its parameters and instead must verify everything before granting access.
• Resilient business operations, where risk is spread, allowing organisations to operate in the most challenging of situations and no longer conforming to traditional business hours.
• Integration with other technologies. The connections can be seamless allowing employees to connect through their chosen platforms, to all parts of the network, without the need for multiple logins etc.
• Cost reduction. With remote working being the norm, there is less need for commercial square footage and utility costs can be reduced significantly.

Collaboration

A growing number of organisations have embraced on-line, collaborative tools for some time now, being a valuable productivity tool. With last year’s challenges they really came into their own and we have seen a huge take-up from organisations and individuals alike, trying to survive whilst working in relative isolation.

Much more than video conferencing, collaborative apps offer co-workers, wherever they may be in the world, the visibility of the work being done and how their input is affecting the overall output, along with the assets they may need to do it with. It probably wouldn’t be too much to say, if you can imagine a tool to help, it probably exists.

Project management collaborative tools have the greatest market share, where projects and resources can be managed in one place. These tools range from the old favourites such as GanttPro, to relatively new to market, LiquidPlanner. Finding the right one for your organisation will prove to be invaluable and necessary when moving over to hybrid working.

When considering the right collaborative tool for your organisation, it needs to be stressed that no tool will be effective without the buy-in of the key players in the team. Without this it is likely, especially with learning curves, that people will resort to old ways ‘passing-on through sending emails’.

Hybrid Culture

Definition:

A hybrid workforce is a team of employees that have a flexible work structure. In other words, some team members work remotely while others work from a central workspace such as an office.

According to research by the Chartered Institute of Personnel and Development in September 2020, 40% of employers said that they expect more than half their workforce to work regularly from home after the pandemic and restrictions have ended. This potentially represents a significant shift in how organisations retain their current workforce and how they onboard new talent in the future.

It’s certain, when considering a hybrid workforce strategy alongside your digital cloud infrastructure, it’s not going to be the case of just sending a proportion your workforce home with a laptop. Based on the research so far, a percentage of businesses are looking for a mixture of both homeworking and office time. Indeed, the term ‘hybrid working’ comes from this desire to have the option of both home and office environments, rather than one of the other. This will present quite a challenge for organisations trying to balance those two things, whilst achieving the obvious cost benefits of remote working.
A significant culture shift will need to happen within those organisations that choose to go down the hybrid working road, establishing new ways of working and associated practices and policies.

Organisations who choose not to adopt hybrid working, and return to the old ways of working risk the possibility of high staff turnover and difficulty in recruiting talent; losing out to much more flexible organisations who do offer hybrid working.

If your organisation is competing for the best talent, then in the future you may be left with no alternative but to adopt a properly supported hybrid working policy. There’s no doubt that employees have enjoyed the obvious benefits of flexible working in the last 12 months, and will now be offered a real alternative to commuting and working in an office five days a week.

Making the move to Hybrid Working

Suggested key steps towards ensuring your hybrid working policy is properly supported by the IT Team:

Agree an overall strategic position on hybrid working for the organisation.
Define how hybrid working will look in your organisation including the possibility of different forms depending on job roles and teams.
Carry out a full engagement programme within your organisation, as well as the provision of training and development to support successful hybrid working.
Put in place a clear and comprehensive communication plan to share the strategy the organisation has in terms of its approach regarding hybrid working, including how employees can request a move to hybrid working.
Plan for and respond to the organisational implications of hybrid working on matters such as technology, employee wellbeing, inclusion and facilities.
Support effective team building and cohesion in hybrid teams.

I hope that you have found this blog useful. If, after reading this blog, you feel that it might be the right time to look further into the way your organisation’s IT Team supports the hybrid workforce, having a partner who can help guide you through will be invaluable to making the right decisions. Pendulum offers support and expertise to help you get the most out of your organisation’s infrastructure.

My next blog will be following on the theme of how to secure the hybrid workforce, discussing specific cybersecurity technologies that can enable secure remote/hybrid working.

About Us