Is Working From home, The New Business World Normal?

Our world is incomplete without the digital services and the cyber space. With the World Health Organization, declaring the coronavirus outbreak a pandemic, millions of businesses are now forced to adapt to new strategies of managing completely remote workforces. Major companies like Amazon, Facebook, Microsoft, Twitter and Google have already implemented remote work policies for many of their employees. Even Cambridge University announced few days back, all their lectures to be online-only until summer of 2021. Today enterprises can collapse with the click of a digital misdemeanor. Work from home (WFH), allows us to log into enterprise networks from home. It means the demand for more secure remote access for employees will be at an all-time high. Hence Organizations must prepare for possible cyberattacks on home IT networks to exploit vulnerabilities. How to monitor IT use for signs of malicious behavior, safeguard sensitive data and assure maximum compliance with privacy and regulatory requirements will assume great importance post Covid. The enterprises that extensively use cloud services, both on-premise and in public, will need to reassess and take steps to protect it.

Should a post corona world be worried about cyber resilience? An ever-increasing dependence on digital services, must also acknowledge the need for them to be delivered continuously, despite adverse cyber events. This is possible only when the processes and services are complete and capable of continual improvement through qualitative measures and feedback. Any disruption such as brought about by Covid-19 in the process maturity, can adversely affect the enterprise management in yet unknown ways.  Whether we see our enterprises cripple due to Covid resilience or survive due to cyber resilience, will be an interesting debate in days to come.

Will the worldwide pandemic challenge companies to manage their enterprises in newfound ways?  This includes understanding how to make decisions with uncertainty and decide on approaches to maintain focus on execution, collaboration and communication remotely, and keep the businesses going. In the short term, they would face enormous changes to their business plans; in the long term, they must adapt and continue to make progress on their original goals. The sheer magnitude of the working environments may make one feel that the organizations are not equipped to manage this uncertain and dynamic change.

Apart from the technology decisions, it’s also crucial to manage the process of transition and relevant adaptation of operating policies & processes. A major requirement of managing this transition is that it must be effective, concise and consistent. A facilitating approach that surrounds an organization’s changeover to remote working is essential for a meaningful change. Eventually, it is the faith, persistence and support that employees have for one another, that will keep the distributed cybernetic workplace together.  With this background, many organizations have shifted their routine operations by “Going Digital” to WFH. This works on multiple levels and offers businesses with a way to interact with their ecosystems and deliver on outcomes. At the same time, it serves the larger community concerns, by addressing the current public health needs of “Social distancing”.

Traditionally, certain industries within the IT sector have embraced the idea of WFH. But in these COVID times it will increasingly be a necessity even in sectors like pharmaceuticals, manufacturing and many others, where organizations may pick certain functions to be performed remotely and / or some section of employees, to work remotely. As work-life boundaries blur, open and frequent communication is key on how groups will collaborate and come together.

COVID-19 pandemic is forcing us to prepare for a variety of situations, and be consistently agile and adaptive. Going digital means much more than just applying digital tools and technology. It is about thinking new pedagogies, making sure that everyone has the ability to use all tech. tools without glitches.  It then becomes imperative for the organizations to put Standard Operating Protocols (SOPs) and procedures in place. When and for how long employees will connect, or how billing cycles to clients are to be initiated etc. all become important. In a transformed workplace, employee’s assessments will have to be based on the tasks they perform, rather on annual performance reviews.

WFH does allow us flexible schedules and custom environments. It even allows us to design our own workspace ergonomics and aesthetics, like wearing cozy clothes and make calls without being pried upon. With no office distractions and zero commuting, one can make bigger savings. One can even have more time with loved ones with no need to navigate through difficult traffic. Of course, a lot of discipline and willpower to be engaged in work and not in Netflix and miss out on routines, not binge on fast-food, not relax on power naps, will be needed. Boredom can slow reflexes and work. With no second supervision, waiting endlessly for the boss to call or deliver on schedules can be exasperating and disastrous.

How will the organizations benefit by WFH? First, an enormous geographical reach at lesser cost and second, low attrition rates. However, it poses challenges in terms of client approvals since they lack direct supervisory control and have a very minimal connect with people. But from an employee’s perspective, it proves to be most convenient, especially when availability of infrastructure, at employee end is a concern. While we may feel that WFH is an effective option, there are lot of risks involved in confidential data leaving the office building and being accessed remotely by employees. Post Corona must seriously address this issue. Selection or changing to appropriate technology for WFH in a complex and rapidly changing situation, won’t be easy for organizations. They will have to invest in the long-term, with best-in-class technology that is reliable, scalable and flexible.  

The efficiency of privacy systems will have to be tested before WFH can be implemented as a way of life. Businesses have begun to look for effective solutions for data security and privacy and many have started investing in them.  However, in a scenario of WFH, critical applications would no longer have borders. It means that security solutions have to protect not just a perimeter, but also the data. Solutions such as Borderless Data Access Controls (BDAC) and “Zero Trust” models are need of the hour, wherein additional protections against both endpoint compromises (using phishing and/or malware) and attacks targeting borderless applications will be required.

In order to effect operational changes in the current scenario, organizations need to ensure their business strategy incorporates crisis management, disaster recovery and risk management in order to adapt and get back on track of their business efforts. Conventional organizational change management programs are built only around technical aspects, focusing and evolving contingency plans and business continuity practices based on technology. However, in this dynamically changing environment, only those organizations which try to bring about confluence of people and processes in their change management programs, along with the technology would be in a position to navigate through and keep their productivity up and running.

In general, if an organization smartly develops and maintains its cybersecurity programs in a resilient and measured way, they stand a greater chance of making it through this difficult time safely. Measuring cyber resilience involves creating a risk profile, measuring control application and identifying policy efficacy. Implementing maturity models, such as those listed in the CMMI Cyber maturity Framework and Platform, organizations can strengthen their risk profiles and weather the storm, better than other conservative models. Probably we will see more and more organizations using Virtual Private Network (VPN) services that create an additional layer of security for trusted connections between employees and organizations, a la new Normal in Cyber Business World.