Over the past year, we’ve all had to deal with more remote workers needing more support. More people had to work from home to be productive, and more companies either allowed staff to work remotely or were forced to support this to keep going. This has led to an increased spend on IT over time in terms of how to support remote workers.
According to the UK’s Office for National Statistics, 46.6% of people in employment carried out some work at home in April 2020. Of that total, 86.0% did so as a result of the coronavirus (COVID-19) pandemic. With around 32.4 million people working in the UK, that is a significant number. Similarly, the US Bureau of Economic Analysis called out Information Processing investments around technology as a big driver for the increase in Q1 2021 spending within the non-residential fixed category. So, more remote work and more spend to keep the lights on.
At the same time, there are still a lot of problems around service management and application lifecycles that make delivering new processes or changes more challenging that are not related to the pandemic. Where these processes were poorly documented in the past, all the work that went on over the past year may have aggravated the issues.
What is in place today to support remote workers?
The increase in home working – and the increase in technology spending to support remote workers – has been necessary. However, supporting the remote user population is a different challenge from what came before for many organizations. Whether you’ve a large number of employees at home or a small number, the shift involved some new ways of working and less control over processes than IT teams would normally like. After the initial problems of getting users set up at home and able to be productive, the longer-term issues around IT service management (ITSM), to keep all this working smoothly, are now real concerns.
One issue is knowing exactly what your organization is supporting now. This is an IT asset management and inventory challenge, where building up an accurate picture of the assets that employees use for work supports the longer-term management of these assets.
This has become more difficult, as teams struggle with knowing what was taken out of the office when employees went home to work remotely and with knowing what has been added through personal spending or department credit card expenses. Without this accurate data, it’s harder to manage users effectively and keep the service and remote worker support processes going over time. It can also affect other processes such as managing software licenses. If you were not able to keep up with all the changes that came up during the lockdown process, then start again to see what’s in place today to get that accurate overview. Once you have this, you can plan ahead.If you were not able to keep up with all the changes that came up with your IT assets during the lockdown process, then start again to see what’s in place today to get that accurate overview – @Bill_Mrochek #ITAM Click To Tweet
The next thing that may come up is how heterogeneous IT has become. You can no longer rely on having a simplified set of assets, applications, or operating systems in place to make the job easier, because you’ve less control over the procurement and provisioning process. This can mean that you’ve many more operating systems, hardware assets, or devices being used. On the one hand, this can increase the burden on your support teams as they now have more types of assets to think about; on the other, it can lead to more software-as-a-service applications getting used which typically require less support on installations and upgrades. The change here isn’t for better or worse; in many cases, it will just be different from what was previously in place. Once you’ve an accurate asset list, planning on how you support new assets and services can require some thought over time as you aim to do what’s best in terms of remote worker support.
Who’s using what?
Alongside all these new IT assets, the other challenge is who’s using these devices. While the user may have their own devices, they may not be on the corporate network or only get on occasionally. With everyone working from home, how can you prove that they are who they say they are when they sign in?
The old approach of using a user identity and password is not enough. Not only do users find it hard to remember suitably strong passwords, but IT teams also have to be certain that those credentials are not being abused. To manage this means looking at identity and access management, or IAM. This involves looking at a directory that you use to manage access to the network through to how you control access to cloud applications. There are multiple standards for this from traditional Kerberos and RADIUS implementations for on-premises networks, through to SAML for managing access to web and cloud applications.With so many people now working at home the old approach of using a user identity and password is not enough. You need to look at identity and access management says @Bill_Mrochek #IAM #infosec Click To Tweet
Alongside this, you have to look at the devices themselves. For example, users may want to work from their own phones or tablets alongside using company-owned devices. Here, adding security certificates to any device that a user might work on provides a way to prove that each device is authorized to access company applications and data. Any device without the necessary certificate can be denied, which can be a quick and easy way to de-provision access and ensure that access is always authorized and applications remain secure.
Once you’ve put in authentication and authorization approaches, you can also look at how to make the workflow process easier. This involves looking at the context that users might go through. In the office, everyone would log in and access any application that they had. That same level of access is possible when people work remotely, but you may want to think about how to make this easier to manage over time.
A good example of this is how your users might work from different places. Some staff might only work in the office or at home, so looking at IP address locations can be useful for more security. While it might not be possible or advisable to whitelist every home office IP address, you can make the support process easier and more secure. If your staff only work out of the UK or the US, then blocking access from IP addresses in other countries from France or Germany through to China or India would automatically solve a security problem, even if a user’s correct credentials were stolen or guessed.
For some companies, the need to support remote workers will also mean travel. For these employees, putting in a rule around having to authenticate using a second factor such as a one-time password may be enough. Alternatively, you could look at linking access to a specific device, so that only the right personal credentials on the right device will provide access. The most important thing here is that any workflow should support and enable the user, rather than getting in the way, but still protect any company assets or data.
Building on these processes to support remote workers
Over time, the impact of the pandemic will lessen and there’ll be more freedom to adopt hybrid working practices. While some companies will mandate wholesale returns to the office, others will look at how to take advantage of the new ways of working that have developed.
To support this, IT teams will need to adapt. For instance, some employees may never return to the office and will be happy to use their own equipment and devices to access company applications. Others will want their employers to provide them with the right tools to work effectively wherever they have to be, and across a mix of office, home, and remote locations. There will be no one-size-fits-all approach that can cover everyone equally. Instead, processes will need to adapt to support remote workers and remote working effectively.The role of identity management will become more important within service delivery and management over time – @Bill_Mrochek #IAM Click To Tweet
A good example of this is how the lifecycle around assets will change. Typically, a new starter would be provided with their work machine following IT installing an operating system image and default applications that are relevant to their profile and work requirements. But what happens when staff don’t need to come to the office? For those using Apple devices, the Apple Business Manager program is an example of how to solve this problem. Rather than shipping to the company, the IT team installing applications, then providing them to the user, this program lets companies define their own image and then drop-ship the machine directly to the user. The same approach is possible for Windows devices as well. The aim here is to make the user experience as smooth as possible while letting IT teams stay in control.
With this in mind, the role of identity management will become more important within service delivery and management over time. Having effective methods and processes around on-boarding, updating, and de-provisioning services to every user will be necessary. Especially when employees may never come back into the office, let alone hand their machines over to IT for updates. Instead, we have to think through how to keep these processes working for users, and how we can implement the right levels of control and compliance for IT over time as well.
How to support remote workers is a balancing act. However, it will be necessary for the future of IT, service, and ITSM. Rather than previously focusing on how to keep the lights on, this is the opportunity for IT organizations to rethink the results that they want to deliver and the path to getting there.