Covid-19 has caused problems internationally, both for people’s health and their ability to work and provide for their families. Business owners have been doing everything within their power to continue trading whilst adhering to ever-changing government rules. Some made a full transition to remote working, others partial, and some continued trading on-premise at a limited capacity. There were, however, many businesses that did not make it through this most difficult of years. To be sure your business does not follow suit, we will now take a look at the two goals highlighted in the previous blog in the series and what you need to implement to achieve these goals.
Let us remind ourselves what those challenges/goals are:
- Reduce risk – increase security and compliance
- Increase profit – be more productive
Technology is the main driver to make the transition to full-time remote working. It can also assist a hybrid of on-premise and remote working, or it can revolutionise the way you work currently on-premise. Tech can drive a change and achieve it.
Finding a solution to both challenges that compliments the way you work has benefits that can carry your business to long term success throughout 2021 and beyond.
We will now take a brief look at what can be done to ensure you achieve your goals.
-
Reduce risk – increase security and compliance
We can split the requirements needed to find a way of achieving them into 4 subheadings:
- A cultural change
- Technical controls
- Infrastructure
- Data
A cultural change
- A cultural and procedural change within your business is essential. Changing your staff’s attitude toward security and making it a more prevalent part of their workday is important – the only way this can be achieved is by a good standard of training and support for users. They need to be trained on the need for passwords and data management procedures, and also the dangers of using the wrong apps and Shadow IT.
Technical controls
- Implementing the best cybersecurity practice is essential. You can start to do this by using two-factor or multi-factor authentication (depending on your required level of security). Requiring two distinct forms of identification in order to gain access is a great starting point to protect your system.
- Another is the use of Firewalls. A Firewall acts as a gatekeeper to your system and a filter between your computer and the internet, only allowing through what is safe and blocking access to unfriendly/ unfamiliar data and entities. Firewalls can protect your system well whilst still letting you go about your normal daily functions.
- When working on a mobile device, encrypting that device is a good idea. It is easy to misplace your mobile device and just as easy for someone else to access the data on it. The idea of mobile encryption is to protect your data from falling into the wrong hands should someone get a hold of your mobile – full disk encryption (FDE) encrypts all the data on it.
- Anti-malware is another important step to ensuring your business is protected from cyber-attack. It is a software program with the sole purpose to prevent, detect, and remove malicious software on IT systems. Malware comes in a variety of different forms including viruses, rootkits, spyware, and ransomware; all of which have the ability to stop your business functioning if you do not have Anti-Malware installed on your system.
- Eradicate the use of Shadow IT; you have no control over it, you cannot control the backup and recovery of data or control who is accessing the resource either. There may be employees with lower access privileges that should not be able to see, modify, or copy certain data. Before introducing any new technology into your infrastructure, you should test said tech to see what potential impact it could have and what can remedy any inefficiencies that it could cause. When using Shadow IT, it is introduced outside of normal business practice and does not undergo these checks. Yes, it can potentially make a process faster, but having not undergone the checks it could also do irreparable damage to a vital business function, thereby causing untold problems for the entire IT infrastructure.
Infrastructure
- Be sure you have good infrastructure for your IT, check the age, lifespan, and level of support of current systems and legacy applications. Check end-user devices are secure and find out if they are owned by work or the employee themselves. If they are not owned by you then you should rectify this immediately, as having control of what your employees access and what they access it on is important to ensure security.
Data
- Knowing the basic information about your data is important and knowing where it is stored can be essential to ensure you are complying with legal obligations. For example, data of residents in the EU cannot be stored outside of the EU. Access to data also needs to be monitored so you can check who is accessing it and why.
- Backup and recovery are a part of GDPR in that you must be able to recover any data that you lose – especially where you have had to keep a record of people that are omitted from lists, so you do not inadvertently reuse their data at a later point. Depending upon your industry there are different details to take note of from industry regulation but, as a general rule, it is good business practice to have a disaster recovery plan. Many businesses have one for practical purposes, a fire or a loss of power, for example. The technological aspects of ‘how to keep the lights on’, how to keep your team productive when IT fails, or your access to IT services are often forgotten about or are not as comprehensive as they need to be in this digital age.
-
Increase profit – be more productive
Like we did previously, we can split the methods to achieve these goals into subheadings.
- The right tools
- Integrations and automation
The key to increasing profit is being more productive, and the key to being more productive is having the correct tools; ergo, having the correct tools increases profit.
The right tools
- Shadow IT can be a problem when it comes to productivity when often that software seems to do something better than the alternative and hence why the employee chooses it. But it often falters on something, leading to employees downloading apps to improve it – these downloads are not backed up and could pose a number of risks to your organisation. The Shadow IT may not have the capabilities of the one that you are providing, in turn making the productivity possible from it limited in comparison to the alternative.
- Ensure that your staff have the correct training. When working on-premise, or remotely, ensuring your staff have a good knowledge of how the system you use works is essential not only for security reasons but for productivity purposes too. With a good knowledge of what they will be using every day to carry out their daily tasks, they will learn the best ways to be productive with it. Showing that you are willing to invest in them being productive and happy with the tools they are using every day can only be a positive thing for your company.
Integrations and automation
- Use Microsoft 365 range of tools. 365 has tools designed specifically for communication, collaboration, and productivity, the most popular of which is Microsoft Teams – with 115 million daily active users they must be doing something right. The entire range is also integrated and has automated features – it offers a “single pane of glass for business operations” – giving more scope to be productive as everything is in one place. You can automate the more mundane tasks to allow more time for productivity. 365 offers a platform to revolutionise your technological infrastructure and direct it toward a new, more productive future.