Suffice to say, COVID-19 heaped an unplanned fire drill of sorts on the business community when it came to town in mid-March. Companies large and small mobilized, kitchen tables were converted into home offices, and potted plants in offices across the country wilted from the lack of attention.
The business community continues to learn more now about what it didn’t know then. Certainly, companies made the best of a difficult situation, and the lessons learned during the interim are going to forge a remote workplace revolution that always had the technology to become a reality, but needed a nudge to move forward. All along, the need for security solutions followed workers home to their desktop PCs, laptops, tablets and phones.
That’s a situation that continues to be slowly rectified.
“There was such a rush to get everybody working from home that it honestly wasn’t always done in the best, most efficient or most secure fashion,” notes Scott Anderson, senior vice president of IT for Kelley Connect of Kent, Washington. “But it’s given us the opportunity, as things settle down somewhat into a new normal, to have those conversations around security.”
Anderson notes the ongoing conversation will gain more focus as the work-from-home landscape takes shape on the back end of the pandemic and companies decide to what degree it will continue. He believes it will “drive the pipeline” for remote work solutions and security in general moving forward.
As the headline suggests, the pandemic has played the role of antagonist and opportunity generator. Mike Burgard, CISO for St. Cloud, Minnesota-based Marco, points out that many organizations had to call upon legacy equipment to get all of its team members up and running from home, which opens the door to security risk. Data security—in terms of location and how it was accessed—was an even greater concern. That led to a slew of reactive conversations regarding secure access, and in turn gave managed IT providers a consultative inroad.
“Any time we can make things better and easier for the user, make things more adaptive for their organization and improve security all at the same time…that doesn’t happen very often,” he said. “So it’s a huge win.”
Transformation by Force
Burgard noted a media report that suggested COVID-19 drove more digital transformation than any CIO or CTO has in the last 10 years. Such a pithy observation can provoke a wry grin, but while the business community may have lost the “proactive versus reactive” battle, the war can be won by security providers.
Without work-from-home safeguarding, security-type events and their resulting trauma—ransomware, phishing, wire fraud—significantly increased during the pandemic, Burgard notes.
“People are willing to do things they weren’t willing to do before, because they understand their level of risk tolerance right now is really pretty low, because of the financial impact COVID has had as well,” Burgard said. “I think maybe there’s this misconception that all the organizations out there completely ratcheted up. (But) if there’s an area where spending is occurring, it’s security.”
Keith Adams, vice president of IT for Les Olson Company of Salt Lake City, points out that there was a varying degree of work-from-home preparedness among the business community. A number of organizations were fully engaged and embraced the need for new/enhanced systems to address remote work requirements, and acknowledged the need for solutions to mitigate the dangers of an uncontrolled environment. Others, unprepared for the logistical and structural changes, were loath to dedicate resources to securely lock down the remote landscape.
Conversation Starter
“I do believe that the pandemic and its associated forced business changes indicate a shift in the work paradigm and will result in the new workplace model being conceptualized with a split role from now on,” Adams said. “In the future I believe that this WILL create an environment where discussions around security and protocols to enforce protections and system resiliency will be much easier to have and will result in much more activity around security offerings.”
Jeff Leder, director of managed IT security services for Impact Networking of Lake Forest, Illinois, notes the number of new risk audits performed by the dealer were on the rise heading into 2020. Once the pandemic hit, the requests dialed down as the business community held its collective breath. Today, risk audits have caught fire and exceeded the pre-COVID levels.
“All of those risk audit opportunities presents a chance for us to work with client organizations to implement better protection and security, and further mitigate risks,” Leder said. “It seems that after that initial spike of concern, now more than ever organizations are recognizing that, especially with the changes that occurred, security is critical.”