IT professionals are having to keep up with the increased requirements brought on by a huge increase in remote-working, says new research from Manage Engine.
Over half (59%) of IT teams believe they are either “under-equipped or still have some way to go” to deal with the security & privacy demands of remote working, new research from Manage Engine has found.
IT Service Management
It comes despite 72% of IT teams stating that the IT Service Management in their organisation continues to be effective despite remote working conditions.
The research from the enterprise IT management provider focused on the impact of remote working & Covid-19 on IT service management (ITSM).
Kumaravel Ramakrishnan, Product Manager at Manage Engine observed “The fact that only 40% of organisations feel that they are properly equipped to tackle the increasing security & privacy concerns arising due to remote work is disturbing.
Mitigate Security & Privacy Threats
“Organisations should take a two-pronged approach to mitigate security & privacy threats by applying the right tools & processes & more importantly, by educating employees on threats like social engineering, ransomware, phishing & building a culture of privacy.”
The research discovered that:
- 38% cite user training & knowledge sharing being the greatest challenge of remote ITSM, closely followed by managing IT assets (36%)
- 16% believe they are still under-equipped to cope with remote working, over 3 months into global lockdowns
- Nearly one-third (29%) of the organisations feel they did not do enough prior testing of their business continuity action plan, with the other major areas of improvement being better knowledge management (42%) & IT asset & BYOD policies (32%)
IT Professionals
Manage Engine surveyed 519 IT professionals across a range of topics.
The survey asked 15 questions across 5 areas which asked about the impact of employee remote working; financial & asset management implications; security & governance issues; third-party services & technology assistance & business continuity success levels.
Jamie Akhtar, CEO & Co-Founder of Cyber Smart said businesses are in a difficult position right now & with many employees using their own devices or just working from home, IT security measures are both more important than ever & more difficult to enforce.
Security Policies
Akhtar commented “42% of staff state that their company’s security policies (like needing to have an IT admin install new software) make it more difficult to do their job. This is why education is so important.
“IT teams need to both develop clear security strategies for remote working & explain to staff what is at risk if they do not follow them. These plans should require the fundamentals of cyber hygiene even for employee personal devices.
“These include strong password protection, up-to-date software & firewalls, & secured home networks.”
Knowledge Sharing
Javvad Malik, Security Awareness Advocate at KnowBe4 explained that knowledge sharing & being able to effectively train employees has become quite the challenge.
Malik added: “While there are undoubtedly many technical challenges to having the workforce working remotely, procedures & knowledge sharing are perhaps the most important, yet, often overlooked aspects.
Communication Channels
“In the office environment, many issues can be quickly resolved with a tap on the shoulder, this is removed when working from home, & when faced with a multitude of communication channels such as email, instant messaging, video calls, phone calls, text messages etc, it can be easy to become overwhelmed.
“At the same time, criminals are actively trying to take advantage of these by phishing users by masquerading as the IT team, colleagues, or execs.
Guidelines
“It’s therefore important that organisations set clear guidelines out for communication, both in terms of how employees should reach out for assistance, & how to expect inbound communication.”
Niamh Muldoon, Senior Director of Trust & Security at One Login observed, “The key thing to understand if businesses are to move forward in the hybrid working model is that traditional security approaches are no longer enough.
Security Controls
End-users no longer have the security controls afforded to them when they were based in their offices full-time – these controls are no longer present in this hybrid model. Organisations need to understand this & review the existing model, applying a new security model & program to their hybrid operating environment.
“Identity is the most important aspect to this new hybrid operating model – understanding who and what device is trying to log into their business environment systems & associated applications.
Streamlining identity with IDAAS technology solutions will support organisations in continuing to deliver quality IT services while balancing cost & risk for the organisation.”
