Archive | April 2, 2020

Enabling at Pace whilst Securing the Workspace

As we find ourselves in lockdown and for those for whom it’s possible working from home, the use of communication and collaboration tools have become invaluable in enabling us to do our jobs successfully. In fact, for many who are not used to working this way, it may have been and maybe still is a learning curve. Both as individuals and organisations we have had to enable at pace; enable our people to do their best work in difficult circumstances, enable our infrastructure to support increased demand and enable our business to support both employees and customers alike.

With this enabling at pace comes the inevitability of increased vulnerability, and the need to secure the wider workplace as this extends into the home. More than ever before with services and solutions being extended, increased, adapted or adopted; ensuring that security is not forgotten is key.

Supporting your people

As an organisation, it is understandable that enabling your users to communicate and collaborate and access information and data securely is of utmost importance. The number and scale of collaboration tools being downloaded and used across multiple device types has increased exponentially in the last few weeks. As such, the number of those who wish to exploit any vulnerabilities in such platforms has increased also.

Enabling at pace should not negate the requirement of choosing the right platform(s) and solutions, from an operational, useability and security perspective, nor should it be an excuse for people to eschew company policy and procedures. I encourage both individuals and organisations to examine the privacy and security policies of any platform or solution you are considering using, especially if it isn’t one you have used before.

Good practice and user training are also key to ensuring that your workforce can work productively and securely whilst working from home or other remote locations. These should be an extension or adaption of any existing remote working policies previously employed. Given that for some, this way of working may be new to them, ensuring they have support of those more adept at using these platforms is paramount.

As an example, we host 30-minute drop in sessions several times per week remotely, to ensure that others have the opportunity and safe environment to ask questions or watch demonstrations of productive and secure methods of working. In addition to this, we have created a network of champions, that via multi-channel engagement methods, across several business lines are always able to support those who require it.

Personal Responsibility

To a more personal note, there is much as individuals we can do to keep ourselves, our data and our businesses safe and secure at this time, here are a few tips that might help:

  1. If you are creating an online meeting for others to connect to, ensure that you make use of the security functions available to you. As an example, if a meeting gives you the option of using a password to secure the meeting, use this function. If you are inviting people outside of your organisation, turn on the lobby feature. This will keep people in a virtual holding room in which you have to allow them in. This will prevent people from simply obtaining a link to your meeting and joining. If the person you are inviting is external make sure you know who the person is that you are admitting, and if the person isn’t who you were expecting and without good reason, remove them from the meeting.
  2. If the tool you are using allows you to restrict certain options such as people unmuting themselves, or people sharing their screen (and the context is one where you are presenting rather than collaborating) enable these restrictions to reduce interruptions or possible subversive behaviour.
  3. Be wary of sharing information of a sensitive nature across collaboration platforms, especially with external participants. Information can be screen captured in an online meeting without your knowledge. If you wouldn’t hand out this information to the people on the call in a real face-to-face meeting, then don’t share it in an online meeting.
  4. If you are sharing documents, ensure that you apply the necessary protections. As an example, you might be able to make the document read-only, or only accessible by people within your company, or even prevent download. Always share only what is necessary, especially to those outside the organisation

Most importantly, read and become familiar with the security and acceptable use policies that your organisation provides, these are put in place to protect you and the company, and adherence to these will help you work in a safe, productive manner. If you are unsure of what you should do, which given the extraordinary situation we find ourselves in is a distinct possibility; reach out for help within your organisation to ensure you protect yourselves, your family and the company that you work for.

There are of course many other ways to enable at pace whilst securing the workspace, and I’d love to hear how you are supporting your friends, family, your businesses and each other in these unprecedented times. Feel free to reach out if I can help or support in any way.