Editor's note: The following is a guest article from John Beattie, principal consultant at Sungard Availability Services (Sungard AS).
Most organizations currently employ a hybrid work model — and more are ready to follow suit.
Nearly 89% of businesses feel a combination of remote and in-office working is the ideal setup going forward, a Sungard AS survey shows. Three-quarters of workers think it's important to retain flexibility as part of the return to normal, a recent Adecco report found.
Despite the tremendous appetite for a more flexible working arrangement, plenty of organizations aren't sufficiently prepared to support long term hybrid work.
Their security strategy was built to protect onsite workers, their infrastructure remains too reliant on legacy IT, or they have a business continuity program that centers on pre-pandemic protocols.
If you're among them, it's time to reevaluate and refine these processes. Here are three ways to sustain a long-term hybrid workforce.
1. Secure the right things the right way
Security was mostly an afterthought as businesses rushed to establish remote workforces during COVID-19. Remote workers are harder to secure, and cybercriminals quickly exploited the situation. Ransomware attacks grew 485% in 2020, and keep rising.
Unfortunately, not much has changed since 2020 — many organizations still have holes in their security posture.
Just over one in five companies (21%) are confident their infrastructure security can operate in a remote work setting long term, and only 7.5% are very confident their security protections against phishing and ransomware attacks are acceptable in a largely virtual environment.
If a business in that boat, one of the first priorities should be to adopt a zero-trust security framework. Given the severity of the latest cyberattacks, perimeter security alone is no longer enough.
A zero-trust approach isolates workloads using micro-segmentation to prevent bad actors from moving laterally throughout a network if they gain entry, and ensures that access to certain data is limited to only those who need it.
With more sophisticated cyberattacks on the rise and a predominantly dispersed workforce, businesses need to be sure their bases are covered both inside and outside a network.
Beyond that, implement ingress and egress filtering to prevent illegitimate traffic from entering and exiting a network, optimize backup capabilities and policies to strike the right balance between disaster recovery requirements and malicious data loss expectations, and have a plan to recover data following a cyberattack. That way, should an incident happen, employees can quickly get back to work.
2. Modernize infrastructure and technology
The pandemic underscored just how much businesses rely on technology. But many organizations still don't have the right technology in place. More than two in five business leaders agree their company must provide more or improved technology to create a successful remote working environment for employees, according to Sungard AS data.
Some 31% of employees were overwhelmed by the number of work and home devices they need to manage, according to a Deloitte report. Consider streamlining technology solutions by providing employees with a single device they can use for work and personally.
It's not just about ensuring workers have the proper tools and devices; it's about guaranteeing they can access the workloads and applications they need at all times. That requires a modernized infrastructure with high availability systems in place.
3. Build resilience into all relationships
Operational resilience is no longer an afterthought. And for good reason.
At the start of the pandemic, many businesses realized they weren't prepared for a multi-faceted disruption. They have no intention of staying that way.
Certainly, businesses should consider lessons learned and how it has changed with remote work – rethinking workplace recovery options for example – but organizations need to think broader.
Assess the business resilience of vendors and partners as well. Do they have sufficient plans in place? How long can those plans withstand disruptions? Have they been sufficiently tested?
Organizations should also take measures to limit concentration risk. The last thing you want is to put all your eggs in one basket, so checking that vendors are geographically distributed or even diversifying the supply chain or third-party partners could save serious headaches down the road if one or more of them experiences a disruption.
The hybrid work model isn't going anywhere, but its long-term future depends on whether your organization can properly support it. By addressing security, technology and operational resilience, organizations will be equipped to sustain a hybrid work environment full time.