hybrid working Archives - Security IT Summit | Forum Events Ltd
Posts Tagged :

hybrid working

The crucial role of audio solutions in IT security for hybrid work models

960 640 Charles

Shure partnered with global market research giant, IDC, to delve deep into the challenges IT security departments may face as they integrate hybrid work models. Drawing from insights of over 600 respondents from a range of countries, including the UK, the study sheds light on IT security concerns surrounding the quality of audio systems and its potential implications for secure and effective communication.

One of the paramount findings was that, while organisations in the UK are spearheading the adoption of hybrid work structures in Europe, they appear to be underestimating the security aspects linked to high-caliber audio solutions. The gaps in audio quality not only hinder effective communication but could also pose potential security risks, especially when critical information is misheard or misunderstood.

It was evident from the study that poor communication and reduced engagement during virtual meetings were key issues businesses were grappling with. Many IT security professionals highlighted that subpar audio equipment is not only a challenge for clear communication but also a potential security vulnerability, especially if employees resort to non-secure means of communication due to poor audio quality.

Globally, 72% of thriving organisations understand the importance of investing in professional-grade audio gear not just for clear communication, but also from a security standpoint. However, the UK seems to lag in this realisation, signifying an urgent call-to-action for IT security teams.

The IDC research underscores that top-tier audio isn’t merely about sound clarity; it’s also about creating a secure communication environment in the era of hybrid work. Quality audio solutions can prevent miscommunications, reduce the need for repeated information transfer, and thus limit exposure to potential security threats.

Key insights from the research with relevance to IT security are:

  • Team Dynamics: 94% of respondents acknowledge that technology which mimics the essence of face-to-face interactions can positively influence team dynamics and motivation.
  • Operational Efficiency: 90% believe robust audio solutions promote inclusive meetings and foster more efficient and secure work sessions.
  • Employee Trust: 90% perceive such investments as an indication of the company’s commitment to their well-being and security.
  • Organisational Reputation: 89% feel it impacts how both staff and external stakeholders perceive the company’s commitment to security.
  • Employee Confidence: 73% believe that quality audio solutions boost their confidence in the organisation’s dedication to secure and clear communication.
  • Decision-Making: 49% recognise its role in facilitating better-informed, and thus more secure, decision-making processes.

For a comprehensive understanding of the study and more in-depth insights, access the IDC Infobrief sponsored by Shure: : https://effortless.shure.com/content-hub/posts/idc-infobrief

Making the right hybrid choice when it comes to UC

960 640 Guest Post

As hybrid working strategies mature, companies are fast discovering that choice is vital. Employers need to offer a flexible approach to balance diverse home and office working preferences. But they must also provide a choice of technology options, especially in key unified communication (UC) tools. Consolidating onto a single UC platform may appear to be the best solution, but limiting every employee to a single solution can constrain productivity, undermine morale and encourage the use of Shadow IT, explains Jason Barker, SVP EMEA & APAC, IR.

Hybrid Flexibility

There is no one-size-fits-all approach to hybrid working. For every middle-aged parent revelling in the chance to do the school run, rather than sitting on a crowded train, there is a Gen Z desperate for the interaction – and warmth – of an office environment, rather than being stuck in a spartan shared flat. For every business leader bemoaning the lack of productivity, there is another embracing the impact on recruitment and ability to attract potential new talent.

Rigid hybrid strategies will never meet the needs of a diverse workforce, but a flexible attitude must extend beyond HR policies and include the UC tools used by employees. Wherever they choose to work, it is vital that employees are able to make meaningful connections, both with colleagues and business partners. They need to be confident in their ability to use a variety of tools, from video conferencing to collaboration.  But are they?

Over the past two years, IT teams have accelerated strategic UC deployments in a bid to wrestle back control over corporate infrastructure. A prime objective is to put an end to the costly and high-risk Shadow IT adopted in the early days of enforced WFH, when individuals made their own choice of video conferencing, file sharing and messaging solutions. Yet many of these ‘emergency’ solutions are an employee’s WFH comfort blanket. People have adapted to their preferred tools and, where possible, adapted the tools to work for them. Attempts to close down the UC environment and restrict users to the corporate platform can backfire spectacularly. The problem is that most businesses have absolutely no idea.

Trusted Communications

Today, 85% of businesses are using two or more meeting platforms and many companies are looking to reduce costs by consolidating onto one platform. Yet how can an IT team make the right decision when the business is completely blind to the reality of UC usage and adoption? While UC performance is routinely monitored, the information is collected on a system-by-system basis. There is no visibility of the entire operation, no understanding of the way 10,000s of employees are using the systems. Businesses don’t know when individuals or teams are ignoring the corporate UC tools and opting instead for their own preferred solutions.

Even this piecemeal UC information is fundamentally limited by covering only the office environments. Companies are not monitoring the tools individuals are using at home or their preferred out-of-office locations. From coffee shops to local hubs, employees are opting to use their favourite Shadow IT solutions and side-lining the corporate standards. The result is not only an unseen and unquantified operational security risk but also a missed opportunity to understand how employees are adapting to hybrid working and any signs of a lack of engagement with the business.

Guiding Strategies

End to end monitoring of the entire UC environment, including home working, can provide the business with invaluable insight to support the evolution of hybrid strategies. Are individuals increasing their use of a certain platform? If so, is that because people prefer that solution or simply due to performance problems with the alternative? Companies cannot blithely assume that growing usage equals preference; the IT team needs to also understand if there are any issues with the solution, the network, even frustration due to the lack of personalisation options.  Is there perhaps a change to mandate a single tool if staff can personalise it to suit the way they want to work?

Hybrid working will only succeed if staff are committed, engaged and able to collaborate effectively, wherever they are located. And that is far from inevitable if IT attempts to impose a solution that simply doesn’t work as well as their Shadow IT alternative. Clearly it is essential that everyone uses the UC solutions that are purchased, implemented and run by the corporate IT team – and that the infrastructure is secure, compliant and well managed. Choice is key. To offer employees the right choice, it is essential to understand how UC platforms are working at home and in the office, for both individuals and the business.

How can businesses maintain IT security in a hybrid working model?

960 640 Guest Post

By Claire Price of QMS International, one of the UK’s leading ISO certification bodies

Businesses now have the green light to go back to work, but your organisation may not be returning to its old working practices. So, if a hybrid model is being adopted, what can you do to ensure that information stays secure?

The introduction of more widespread homeworking has certainly piled on the pressure for businesses’ IT security.

At the beginning of 2021, QMS International carried out a survey of businesses about their cyber security and 75.7% of the respondents reported that they now felt more open to attack. Another 10% reported that they had no confidence in fending one off.

And businesses have a right to be worried. According to analysis of reports made to the UK’s Information Commissioners Office (ICO) by CybSafe, the number of ransomware incidents in the first half of 2021 doubled compared to the number reported in the first half of 2020.

Malicious emails have also been redirected to attack those working from home. Data supplied by Darktrace to The Guardian revealed that the proportion of attacks targeting home workers rose from 12% of malicious email traffic before the first lockdown in March 2020 to more than 60% six weeks later. With homeworking becoming more of a permanent fixture in business models, this trend is likely to continue.

While hybrid working offers your team the best of both worlds when it comes to office and home working, it also leaves your business open to the unique risks associated with both, with the added bonus of those linked to transport and travel.

But this doesn’t mean you have to abandon this new way of working. With the right processes in place, you can ensure your information stays secure, no matter where your staff are based.

Carry out a risk assessment

First things first – you must carry out a risk assessment.

Knowing the precise risks your business faces is key to developing methods of removing or mitigating them, but assessments like this are often overlooked. In fact, QMS’ cyber report found that 30% of respondents admitted that no new information security risk assessments had been carried out, despite changes to working practices.

Discover the risks, analyse their likelihood, and then decide if and how they can be controlled. This will give you the grounding you need to build your wider hybrid IT strategy.

Train and test your team

With cyber-attacks on the rise and remote workers being more vulnerable, it’s crucial that your hybrid team know what to look for and, just as crucially, how to report anything suspicious. The best way to do this is through training, which can now be carried out very effectively via e-learning.

This training should cover common cyber-attacks – such as phishing emails – how to spot them, the fundamentals of social engineering, and how to report suspicious activity. Ideally, this training should be refreshed regularly as new cyber threats emerge. You may also like to include training on the safe use of video calls and how to ensure video cameras are switched off when not in use.

To ensure your team have absorbed what they’ve learnt, carry out penetration testing. This involves crafting fake phishing emails and sending them out to your employees. What they do will give you an idea of whether your training has been effective.

Address access

When your hybrid team aren’t in the workplace, they will need to access servers and files remotely. This will often be via a VPN (Virtual Private Network), so you need to ensure that this is as secure as possible.

Remote workers will also be relying on their home Wi-Fi, but this may not be as secure as the Wi-Fi in your office. Your team should therefore be encouraged to create strong passwords – not the default ones on the base of the router.

Workers need to be cautioned against the use of free Wi-Fi hotspots too. It’s possible that your workers may want to use it to work on the train, for example, or in a coffee shop. However, public Wi-Fi is notoriously unsecure, and your workers should be cautioned against using it.

Think about physical protection

If your workers are going to be travelling between locations, then they are going to have to carry equipment such as laptops, phones and removable media with them. If something is lost or stolen, your business information could be compromised. Indeed, IBM’s Cost of a Data Breach report revealed that around 10% of malicious breaches are due to a physical security compromise.

A solid back-up protocol is key to ensuring that any lost information can be recovered. A robust password and access process are also musts – you may want to think about two-factor authentication to make logging in more secure. Make sure you also have a protocol in place so that if your team do report something as lost or stolen, you can act quickly.

When working remotely, you need to ensure that your staff keep their physical devices safe too. Equipment should be kept out of sight when not in use and papers stored away. If your workers are printing content, you may also need a safe disposal or destruction policy in place.

To prevent prying eyes seeing something they shouldn’t, workers should lock their screens when away from their workspace, whether they’re in the office or at home. And if any of your team do want to work while in public, they should be cautioned about the kind of work they perform – who knows who’s sitting next to you?

Create a culture of security

If you really want to take information security to the next level, you may want to consider a more wide-reaching measure such as ISO 27001.

ISO 27001 is the international Standard for information security management, and it is designed to help organisations integrate information security into every aspect of business.

Its 114 controls tackle every angle of security, including physical, legal, digital and human, bringing them together to enable you to maintain compliance and showcase to employees, customers and stakeholders that you have the processes in place to protect information from theft and corruption.

Going forward, it could give you the framework you need to adapt your practices to suit your new hybrid working model and any changes in the future.