IT departments have had a hectic few months. With organizations across the globe switching to remote working overnight, the majority of IT professionals report that their workloads have increased significantly – by as much as 37%, according to recent research. And unfortunately for support desks, this might only be the beginning.
Now countries are gradually exiting lockdowns, and the focus is on a potential return to the office, at least for some employees. That may sound like fewer tickets filed for faulty WFH laptops or video call fails; but in reality, IT teams are bracing themselves for a storm of new issues.
Most of them are likely to be caused by our bad telecommuting digital behavior, especially when it comes to securing our devices. It's not about pointing fingers, though: working in a home environment has invariably led employees to relax their awareness of IT concerns, perhaps even momentarily forgetting the golden rule of "Think before you Click".
In fact, up to half of employees have admitted they are cutting corners when it comes to cybersecurity at home. With this in mind, IT professionals are anticipating a wave of unwanted problems making their way into office networks as soon as workers start coming in with unsafe devices.
After racing to make telecommuting safe and efficient, IT teams are going to see a 180-degree shift in focus: one towards making work safe again in the office. These are the bad habits that employees have adopted at home, and which will cause an IT nightmare back in the office – as well as top tips on how to work around them.
1. Mixing work and play
Many organizations have had employees working from home on their own personal devices, blurring the line between Zoom for business and Zoom for the weekly pub quiz. In this case, workers are likely to be using professional tools alongside their personal applications such as music and personal messaging – which are much harder to keep in check from a security perspective.
While IT departments have been working to secure personal equipment as well, this is much harder to do than to automatically update or patch a corporate device. Mick Slattery, president of digital workplace company CompuCom, tells ZDNet that there will be a significant risk to bringing these devices into the office.
"These assets represent significant threats given the lack of management, unknown security safeguards and the potential blending of personal and business activities," he says. "Ensuring proper protocols are in place to isolate those devices will be critical as we return to the office."
Scott Watnik, cybersecurity expert at law firm Wilk Auslander, agrees. Although employees will be tempted to use their personal equipment when returning to the office, says Watnik, these devices could be infected with malware, or be connected to unsecured networks based elsewhere.
Among his tips to organizations to mitigate the risk of cybersecurity breaches upon the return to work, Watnik suggests playing it safe: "Ban the use of personal laptops in the office during the 'return to work' transition, at least until all personal laptops have been inspected for such issues by IT personnel," he recommends.
2. Procrastinating the security updates
To those devices that will make it back in the workplace, and be used to access company networks, it's wise to make sure all of the applicable software patches and updates have actually been installed.
Rajesh Ganesan, vice president at IT management company ManageEngine, tells ZDNet: "People can switch off security software in the device like antivirus or automatic patch updates, or remove firewall settings, just because they come in the line of their productivity."
Who hasn't been guilty of repeatedly clicking the "Remind me tomorrow" button on an update installation notification? In this case, an innocuous click can make life difficult for IT teams, according to Ganesan, when it comes to auditing and updating the appropriate devices.
SEE: COVID-19: A guide and checklist for restarting your business (TechRepublic Premium)
One solution is to try and deal with the problem at the root, by raising awareness among employees that they should stay on top of their device's health, even in a seemingly less formal home environment.
"Instead of procrastinating the reboot and install process, employers should push proactive management of updates, and of staying on top of the user's device health," Cassandra Cooper, research analyst at Info-Tech Research Group, tells ZDNet.
No member of the IT team is looking forward to dealing with backlogged device updates, she continues. The bottom-line is: bite the bullet, and spend those ten minutes staring at your laptop screen while updates install. It will go a long way in helping the IT department.
3. Laptops at home: a free-for-all
Every employee has had to confine in a different set of circumstances, but the chances are that the device they use for work has been used by somebody else at some point, for entirely different purposes.
Whether it's a teenage child dialing into a Zoom classroom, a partner doing a quick online shop, or a flatmate downloading the evening's film: our work laptops have certainly seen unprecedented use. More often than not, however, this means that employees have shared credentials to open the device, or altogether disabled the need for password authentication.
To mitigate the consequences of these bad habits, Watnik recommends proceeding under the assumption that all passwords have been compromised, and immediately mandate that all employees change the passwords they normally use.
In other cases, workers may have logged into corporate networks from another borrowed device. On top of potentially disclosing their password to another device, this could also pose a security risk to the company's network.
"One of the first things IT personnel should do upon the 'return to work' transition is run a scan on the company network to identify all new, unknown devices being used to access the network," says Watnik.
It's also worth keeping in mind, according to ManageEngine's Ganesan, that devices are likely to have been left unattended with sensitive applications open, which can result in accidental deletion or disclosure of data.
"Tracking and managing the case of other pairs of eyes and hands that have had access to corporate devices, applications and information is the ultimate challenge for IT teams welcoming employees back in the office," he says.
4. Germs – but not only the digital ones
An ongoing concern for the IT teams that will be preparing the workplace for employees' return, is how to make sure that all incoming equipment is clean, in the more physical sense of the term.
Simon Clarke, professor in cellular microbiology at the University of Reading, explains that smartphones should become a key IT priority – and particularly how to keep workers' smartphones germ-free.
Since the start of the COVID-19 crisis, smartphones have been identified by researchers as the Trojan horse of bugs, comparable in germ-friendliness to toilet seats as a result of users failing to clean their devices regularly.
"People being tied to their mobile phones will only intensify as the UK begins its return to work," Clarke tells ZDNet. "But smartphones are a reservoir for germs and have the potential to spread pathogens. Employers need to incorporate and encourage increased smartphone hygiene as their employees return to work."
Clarke is working with mobile technology company Bullitt Group on a guide to employers on new habits to promote with employees in the workplace. Among other tips, he advises against using mobile phones in public transport when commuting, and using the speaker phone function when making calls.
Ultimately, Clarke suggests thinking twice before pulling out your smartphone in the workplace. "Is what you're about to use your phone for really necessary?" he says. "The hand-washing message has really landed, but the minute you take your phone out of your pocket or bag, your hands are no longer clean."
What's true for mobile phones also applies to other equipment that IT teams might need to bring into the office. Research firm Gartner, in its advice to businesses re-opening their workplaces, even recommends building a sanitation area outside of the office to make sure that every device gets a proper clean before coming in.
5. Re-adapting to office life
From an IT perspective, employees will be coming back into the office with a host of new WFH habits, including some that they will want to keep. John Annand, research director at Info-Tech Research Group, says that workers will have found new tools to work efficiently, and be reluctant to give them up – even if they are not part of the IT team's agenda.
"Infrastructure's nightmare scenario is the dozens upon dozens of applications people will want to bring back with them as they return to the office," says Annand. "These employees will loath to give up their new-found efficiencies just because they can sit at their corporate desks again."
Prior to March, however, these tools were not part of the enterprise application portfolio, and IT teams will have to extend backup schemes, data-loss prevention practices, security audits, or identity and access management to new unvetted environments.
"Otherwise, we're cast back in time to the dark days of the early 2000s when crusty server and storage admins routinely said no to end-user requests for fear that it may disrupt their fiefdoms," adds Annand.
That's not to say that all of the workforce's new habits should be green-lighted. In fact, a number will need reversing. With remote working being the new norm, some office-bound reflexes have relaxed, such as signing out and securing laptops when walking away from a desk. In that respect, it might be necessary to re-educate users.
This should be done in a people-centric way. Robert Rutherford, CEO of IT consulting firm QuoStar, says that while IT teams have become "the hero" in keeping organizations running during the pandemic, it would be a shame to see this role reverted.
"IT teams will need to manage the return to offices carefully and strategically to ensure they are not seen as the villain as they attempt to control any bad habits," Rutherford tells ZDNet. "This crisis has moved IT further into the heart of the business – it's important it stays there."