Bringing Devices Back to the Office: 3 Considerations for IT Admins
Employees are returning to the office. While that’s good news for businesses, IT admins are facing new and unique challenges when protecting and securing devices in what’s now known as the hybrid work environment.
The workplace of today is different than a year ago; the COVID-19 pandemic made that a reality. For example, forty-five percent of organizations are implementing a hybrid work model in the second half of 2021. This model provides employees with more flexibility but isn’t necessarily what’s best for IT infrastructures. IT admins in fact are paying close attention to what employees are bringing back and forth to the office to avoid the spread of malicious code.
There are three considerations for IT admins as employees return to the office.
Protecting corporate data is the name of the game
Even though there’s a lot that goes into protecting networks and systems from the increasing number of cyberattacks, cybersecurity comes down to one thing — protecting data.
One of the main ways cybercriminals gain access to corporate data is through unprotected employee devices. Fifty-five percent of IT decision makers worldwide said one of the biggest challenges in maintaining control of IT environments is employees adding solutions and environments, according to research from cybersecurity management company Tanium.
What are you doing to protect endpoints? Are you ensuring they’re up to date? Are you using a platform with unified endpoint management? There’s nothing in it for threat actors if they’re unable to access a target’s data, so eliminating endpoint vulnerabilities, one of the largest security exposures, reduces the risk of potential threats.
Lastly, educating end users frequently about cybersecurity threats is necessary in today’s increasingly complex threat landscape. Reviewing cybersecurity best practices annually isn’t enough. Develop and deploy a security awareness training program designed to educate end users about the ins and outs of protecting corporate data.
BYOD: What’s your policy? Develop it and then enforce it
Despite the best efforts by cybersecurity professionals to curb the use of personal devices for work-related purposes, the bring your own device (BYOD) movement gained more traction during the COVID-19 pandemic.
Forty-seven percent of organizations reported an increase of personal devices being used for work, according to the Bitglass 2021 BYOD Security Report. Even more alarming — 82 percent of organizations said they now actively enable BYOD to some extent, the research found.
Allowing end users to connect to corporate networks with their personal devices could prove disastrous. Personal devices are oftentimes less secure than corporate-owned devices. Banning personal devices from accessing corporate networks is usually the best policy for organizations.
If that’s the route you take, ensure your end users are fully aware of the policy and what it means for them. Educating them on why it’s necessary to abide by the policy is also in your best interest. Your goal should be to minimize the chance of end users circumventing BYOD policy (you may want to consider display action for anyone who violates your BYOD policy).
For guests, you can establish a guest network, one that cannot access the corporate network.
What’s on your network?
Identifying devices on your network isn’t easy. Getting a handle on your inventory is oftentimes tricky. It takes time and resources. And even when you think you’re done, another unknown device requests to join your network (especially if you allow employees to bring in their personal devices).
Knowing the devices on your network is key to securing it. The more visibility you have into your environment, the better. Having visibility into your network allows you to more easily identify threats and address them. Using the right device management tools can help with maintaining device inventory.
Not everyone is returning to the office after the COVID-19 pandemic. While the hybrid work model is popular among employees, IT admins are more wary of what it means for protecting IT infrastructures from cybercriminals. Knowing what to consider about devices as employees return to the office is key.