In most companies, a large proportion of desks are not used on any given day. Instead people are working from home, coffee shops and the airport – and many don’t turn on their VPN. The decentralized nature of the modern workforce poses real challenges for IT/ops teams.
According to 1E, an endpoint management and security company, up to 20 percent of a company’s workforce are not updating their systems and software. This delay reduces endpoint visibility and leaves the door open to hackers looking to capitalize on software vulnerabilities. Furthermore, this practice makes software migrations, including the migration to Windows 10, an extremely difficult process.
Sumir Karayi, Founder and CEO at 1E navigates through these risks.
Digital Journal: How has the world of work shifted in recent years?
Sumir Karayi: Employees are more empowered. When you want to be competitive, when you want to innovate – an absolute necessity for any modern business – your workers are your most valuable and important asset. And the more important workers have become to their organizations, the more these workers have been in a position to empower themselves. Employees are now able to impact the type of devices and software they can access and, more importantly, decide how, where and when they prefer to work.
This has been incredibly beneficial for businesses. Greater flexibility, for instance, often leads to those same people working longer hours of their own volition. By and large, businesses have gained from giving people more freedom.
DJ: Why is remote working more popular?
Karayi: People like freedom and choice. People want to be able to work from outside the office, they want to work from home, from airports, from Starbucks – the number of Starbucks locations alone indicates that they are not just places to grab a coffee, but also places of work. Remote working has become so common that 70 percent of people globally work remotely at least once a week.
The consequences for IT are multifold. IT has to be able to provide a mobile-like working experience with the main working device they have: their PC. Right now, most organizations are providing an experience that falls short.
DJ: What are the security risks with remote working?
Karayi: Security becomes a bigger challenge with remote workers because they’re outside the firewall. A lot of security folks have invested more and more money over the years protecting the perimeter of the organization, and a large percentage of budget goes into bolstering that perimeter even today. But every single remote worker is outside that perimeter. And they have to have access to the things they need to do their job. Effectively it means that they become a hole in that firewall. Meanwhile, the device they’re using isn’t getting any protection from that firewall either. Additionally, up to 20 percent of a company’s workforce are not updating their systems and software. This delay reduces endpoint visibility and leaves the door open to hackers looking to capitalize on software vulnerabilities.
DJ: How easy is it for hackers?
Karayi: Someone travelling through an airport could click on a free Wi-Fi connect and join an unsecured network. This makes them instantly more vulnerable to attack. It’s a problem because the very machines that are easiest to attack are also the hardest to manage from an IT perspective.
DJ: How can these security risks be reduced?
Karayi: IT needs to augment their current security tools and not just rip and replace them. Current tools are doing a great job by and large – but they’re not coping with the modern workforce in certain ways, remote workers being a prominent one. IT needs to get a real-time capability that can reach all endpoints, everywhere. And security and ops should both be using something like ServiceNow workflow automation, so that they share a single view of what’s patched, what’s not, what machines are out there and what software is running on them.
DJ: What are concerns with remote workers and software migrations?
Karayi: When you’re trying to update a remote worker, IT needs to ensure it has control of that machine. A lot of the older solutions require things such as VPNs to be enabled. VPNs are cumbersome. A lot of users today, especially if they’ve gone to Office 365 etc., simply don’t want to turn on their VPN, because it slows everything down. Often remote workers have limited bandwidth connections. In addition, users will often switch on their laptop, send a single email, and switch it off again. The machine might only have been on for ten minutes. The problem with this is a lot of the systems management solutions haven’t been designed to manage software updates in real time – and that ten minutes is nowhere near enough.
DJ: Who should be leading this within companies?
Karayi: IT and CIOs have to do something about this soon. Part of the problem, however, comes from the divide we often see between IT and security. Security teams are saying ‘come on help us out here’ while IT ops teams are saying, ‘our tools are inadequate, and we don’t have the money to buy the new ones we need.’ Security can often buy new tools, but they’re not in charge of patching and have limited knowledge of the challenge’s IT faces – such as those presented by remote workers.
DJ: Which types of software are most appropriate to tackle these concerns?
Karayi: Software that lets users enjoy a mobile like experience (with full self-service) wherever they are; software that lets users build their new machine, and transfers all their data, settings and applications to another machine; software that allows them to upgrade to the latest version of Windows, to get applications as required and stay current so they don’t get hacked; software that allows visibility and control access to all endpoints to protect from cyber-attack.
Largely IT are still using tools – such as Configuration Manager – that were designed in the mainframe world. IT needs to be seeking to augment these solutions with something that is automated, much more real-time and much more suited to the modern world and the many remote workers that are such a big part of it.
