Why IT and HR must work together to help businesses weather the storm
Article by Gigamon manager for A/NZ George Tsoukas.
The face of business has changed dramatically recently - new figures from Roy Morgan research shows that over 4.3 million people in Australia (32% of the entire national workforce) are now working remotely.
Some companies are considering scaling down physical offices in favour of a long-term remote working model. Employers are striving to balance team productivity, security and employee engagement. If remote work is the new norm, it’s impossible to ignore the challenging nature of the situation.
Remote working affects performance not only for technical, practical reasons. The emotional impact is perhaps equally significant. Business leaders may think the technology that allows us to do our jobs and the initiatives that enable us to feel supported at work aren’t related, but they’d be sorely mistaken.
This is why IT and HR teams need to partner to empower employees to do their best work from home, and to help their organisations safely and securely to weather the storm over the coming year.
Traditionally, IT security teams have been considered the sole owners of the cybersecurity element of a business. It was their responsibility to implement the right technologies to protect the organisation, and that was that.
But in the current situation, the cybersecurity landscape is becoming increasingly complex with new and exacerbated threats. The surge in home working has caused a spike in usage of vulnerable services, like VPNs, increasing the likelihood of attacks to individuals and organisations.
Cyber-criminals lure in people working from home with the pretext of sharing useful information on the pandemic, and compromising their networks as a result.
These attacks can not only disrupt business activities but also cause employees a great deal of distress. With so many people accessing corporate networks from personal devices, their own data is also now at risk.
While threat protection technology can help to safeguard organisations, users must also be trained to recognise potential threats in emails such as unsolicited attachments or links and be given clear guidelines on how to handle such events.
As part of the new landscape, companies should consider adopting a zero trust approach, assuming everything is suspect and eliminating implicit trust associated with the locality of user access.
This model is founded on network visibility and requires insight into all assets (applications, devices, users) and their interactions. This enables IT pros to create and enforce an authentication policy. If these are tied to assets and not network segments, IT teams can apply the same set of policies regardless of where a user is accessing data and applications.
Zero trust is not a product; it’s a mindset. While it’s IT’s job to get the technical elements right, people’s behaviour, their awareness of security threats and their respect for policies, can have a considerable impact.
That’s why IT and HR teams must be in sync, with HR taking the lead in communicating the importance of a zero trust approach to the entire workforce.
After all, just the phrase ‘zero trust’ has implied negativity, with employees feeling that excessive controls can hinder their productivity or, worse, are designed to monitor their every step.
It’s HR’s responsibility to help IT teams drive education around cybersecurity risks and how a zero trust model is crucial to mitigating them. It’s also useful, as part of internal comms, to share tips on how to stay alert and detect social engineering attacks. This education, alongside solid network visibility, is the first step to protecting the organisation against cybercrime.
HR can add real value
A dispersed workforce creates a series of business performance obstacles, the first of which is information. In a time of extreme uncertainty, companies should look at forming a cross-functional task force to centralise useful information, from sharing remote working tips and best practices to fixing minor IT issues before they escalate.
With misinformation spreading like wildfire in times of crisis, it’s essential to give employees a single source of truth.
Being able to easily share resources, communicate ideas and feel like part of the team is key to maintaining productivity. Encouraging video conferences, rather than audio calls, can help to enhance the sense of collaboration.
Businesses should also enable seamless communications with instant messaging tools, allowing employees to pose questions to their teammates and receive answers more quickly, as they would have done face to face. Preserving positive office dynamics is critical, so HR and IT must team up to make this possible with the right technology.
While striving for an efficient business-as-usual approach, companies shouldn’t neglect to take care of their employees as people. IT and HR should work together to create initiatives that are aimed at helping staff cope with the difficulties they are facing right now.
For example, with many employees forced to be isolated from some of their loved ones, offering them the use of corporate web conference accounts for personal communications can help to keep the morale high. Small but significant gestures can make a world of difference in keeping teams happy, engaged and motivated.
When we think of the implementation of new technologies that allow companies to adapt, we think of IT teams: driving innovation and making change possible.
Yet, it’s important to understand that change can take place only with the buy-in of workers in the business environment. To get the people on board, HR staff must cascade down the instructions and decisions that come from the company’s digital leadership.