Currently, the Delta variant continues to ravage the United States while about half the population is vaccinated, returning to offices, and resuming many normal activities. Even while we navigate these uncertain, confusing times, it’s clear the pandemic changed the way we work and continues to affect workplaces.
According to a CNBC article, “Recent polling of HR leaders by research firm Gartner found that the percentage of companies saying they would reopen workplaces in Q3 2021 fell by more than half from when it asked in late April to July 28, when it most recently canvassed HR executives.” Post-vaccine, a hybrid model with many people continuing to work remotely will likely be prevalent throughout the rest of the year and possibly permanently.
A Computer Weekly article also notes that “despite the massive investment in remote access infrastructure, most companies have continued to struggle supporting remote workers.” While the pandemic turned many of us into remote workers, we presented serious IT challenges to helpdesks—and those challenges are not going away.
Let’s look at some of these challenges that continue to impact organizations.
1. Employee networks at home
Instead of using a robust IT network at an office with plenty of internet bandwidth, employees suddenly relied on their home networks that were not built with office use in mind. These home networks got strained with parents using videoconferencing for work, kids using videoconferencing and remote learning applications, and members of the family streaming movies or TV shows.
This situation leads to many support calls about “performance issues.” We put that phrase in quotes because it relates to technical issues often outside of our control—such as the type of internet package an employee uses at home and the behavior of family members.
If a particular internet service cannot handle that much streaming video at once, if an employee’s wireless equipment cannot handle the amount of bandwidth going through it, and if too many family members are trying to use bandwidth-heavy applications at the same time, then the best solution is often an internet upgrade that the employee—not the organization—must decide to deploy. Otherwise, there is not much a helpdesk can do about limited internet bandwidth at an employee’s home.
2. Bring Your Own Device (BYOD)
The BYOD trend has existed for many years, but the pandemic heavily increased the use of personal devices for work. Practicality drove much of this trend during the pandemic. It’s easy to use the devices you own at home for work, and it’s cheaper for organizations to avoid buying hardware. Yet, with so many employees using their own devices for work, IT helpdesks often have no control over what software and applications are running on these devices. They also don’t often meet minimum specifications such as security standards and processing power. These limitations can make it hard to support such devices.
3. Hastily thrown together remote access solutions
It’s risky when remote access solutions such as Virtual Private Networks (VPNs) are thrown together in a hurry to accommodate remote workers. Many VPNs are set up and configured incorrectly, and many security vulnerabilities exist that can compromise your data and systems.
The security of these solutions is always our biggest worry. Organizations using VPNs often don’t follow basic best practices such as requiring multi-factor authentication (MFA), applying patches and updates, and running a VPN on appropriate hardware and software.
VPNs work best with organization-owned devices. Secured, typically browser-based remote portals and cloud-hosted applications work best with employee-owned computers. Avoiding the use of an uncertain VPN is especially important when employees use a weakly secured wi-fi connection (such as public wi-fi) or a home network that’s not secured properly. Many VPNs were not properly planned and deployed, and so the lack of appropriate capacity, licenses, and oversight cause many support calls.
4. Global equipment demand
While current global supply chain issues involve many factors, one key factor was everybody suddenly needing a laptop for remote work. This demand contributed to the current global computer chip shortage, which has all IT vendors scrambling to find equipment. (If you’ve been having problems ordering equipment and getting it delivered on time, you are definitely not alone.)
This situation also introduced the challenge of setting up many, many new laptops for clients. During the past 12 months, we may have spent more labor hours on this job than anything else!
5. Evolving security threats
As employees shifted heavily to working remote, cyberattackers followed them. Knowing these at-home employees were softer targets than in the office, cyberattackers increased the sophistication of their attacks by:
- Exploiting poorly secured home devices and networks
- Exploiting poor wi-fi security
- Exploiting poorly configured VPNs
- Tricking employees into handing over user credentials by getting them to click on phishing and scam emails
- Reading unencrypted data
- Unleashing ransomware onto devices not properly backed up
- Exploiting security vulnerabilities in unpatched software
- Entering your organization’s network through an employee’s computer and remaining undetected in your systems
The Cybersecurity and Infrastructure Security Agency (CISA) even released a report earlier this year highlighting how cyberattackers are using the vulnerabilities of remote workers to enter cloud-based systems.
How VC3 Has Addressed These Challenges
These are serious problems and a challenge to any IT vendor or staff attempting to support remote workers. How have we stepped up to address these challenges?
1. We’ve continued to learn and adapt.
It’s important that your IT staff or vendor is continually learning as times change. Some areas where we’ve had to adapt include:
- Remote Support: While we’ve always done a lot of remote support, there are certain issues we would typically troubleshoot in person for a number of reasons. However, when we’re not able to go to an employee’s house, we had to adapt our troubleshooting processes with the assumption that we would not have physical access to the device.
- Procurement: We had to get creative with finding equipment to meet our remote workforce demand. This meant finding new distributors, looking at brands and models we didn’t use in the past, and innovating our procurement processes.
- Cyber Threat Detection: Cyberattackers are getting better at entering and remaining undetected inside your systems for many, many months. For us, that meant we needed to come up with an endpoint detection and response (EDR) solution and roll it out as quickly as possible. EDR focuses on a single “endpoint device” (such as a server or computer). If a threat is found on your computer, an EDR tool can cut your computer off from your organization’s network—preventing further spread of a dangerous virus or malware. An EDR tool can be deployed, run in an automated fashion, and enhance the level of security protection for an organization at a low cost.
2. We’ve worked hard to educate our clients about this new remote landscape.
Educating our clients was often tough because the pandemic created so much urgency (and even panic in some cases) related to getting remote solutions going. While we helped get these remote solutions up as fast as possible, we also needed to educate clients about security risks related to their new remote solutions. Some ways to mitigate those risks included:
- A need for multi-factor authentication (MFA): Remote access software needs an extra layer of security because a cyberattacker with employee credentials could get access to their desktop and possibly your entire system. MFA requires another step (such as inputting a code sent to your phone) that makes it difficult for a hacker to enter your systems.
- Stronger password policies: A password policy needs to enforce best practices such as using a password on all devices, using passphrases or complex passwords, and avoiding the use of the same password for all systems an employee accesses.
- Training employees about phishing and cyberattacks: Hackers use social engineering techniques that trick employees into handing over access to your systems—and criminals know that people can be the weakest link in your security. It’s important to train employees about spotting scams such as phishing, phone scams, and other online trickery.
3. We’ve continued to encourage cloud solutions when appropriate.
The shift toward more remote workers makes this a perfect time to leverage cloud solutions whenever possible and appropriate. One of the most important cloud solution benefits is to give employees access to an application from anywhere. For that reason, organizations already using cloud solutions had a leg up on this pandemic when it hit.
As we’ve discussed in the past, the cloud provides remote workers resiliency against cyberattacks, lessens the risk of permanent data loss, provides accesses to an application anytime/anywhere, and offers better technical support. Cloud solutions adapt well to a remote workforce, and we encourage clients to explore cloud solutions whenever feasible.
Need help addressing any lingering IT risks with your remote employees? Reach out to us today through the form below.