Peter Drucker, the world-renowned management consultant, educator and author notably coined the term “knowledge worker” suggesting that 21-st century organizations will be driven by the productivity of these professionals. While various attributes are used to define a knowledge worker, mobility is often considered as a key attribute that significantly contributes to the productivity of these workers. Mobility however is highly subjective and varies from industry to industry; while a drug development company depending on the level of automation may strictly demand physical presence, a software company would be open to flexible workplace and telework. While this may be true, several other extrinsic factors including data security and privacy expectations, industry regulations as well as tax laws dictate the degree of mobility an organization can afford to build into its operating model.
While in the past, the concept of flexible workplace and teleworking were being sparingly used, the COVID-19 pandemic proved to be an inflection point compelling organizations worldwide, irrespective of their size and scale, or the industry they operate in, to re-imagine their workforce mobility strategy. As the pandemic pushed the world into a state of prolonged lockdown, the industry witnessed an unprecedented rate of development in the area of teleworking technology and online collaboration platforms, enabling organizations to increasingly leverage teleworking for delivering services to their customers. Even the internal enabling functions like Human Resources, Finance, and Legal, etc. rapidly adopted digitalization to improve efficiency by automating repeatable processes and tasks. The sustained success of the virtual delivery model has provided the necessary impetus and confidence for organizations to transition to a hybrid or a complete virtual model fully leveraging the benefits offered by flexible workplace and telework.
As organizations embark on this monumental shift, it is imperative for them to consider the risks associated with the new highly virtual operating model. With employees no longer bound to a converged fixed physical space – company office, the workplace of the future is bound to transform into a fluid, borderless environment, awarding employees with the flexibility to work from a location of their convenience. While this flexibility offers varied benefits to the organization and the employees in the form of increased productivity, reduced operating costs; it also brings about challenges concerning greying of the perimeter even as the attack surface exponentially increases, making the organization’s increasingly vulnerable to malicious attacks – cyber as well as physical.
In order to confidently operate in the new environment, the security architecture for the hybrid/virtual operating model will have to be carefully designed considering the zero-trust security philosophy. While the organizations continue to invest in sophisticated enterprise security controls, end-point security compliance will have to be treated with utmost seriousness as a single vulnerable/unpatched system connecting over an untrusted network could compromise the entire enterprise security causing a severe business disruption. Most importantly, through ongoing awareness and education programs, employees will have to be made aware of security practices for safe and secure teleworking.
The Post-Covid era or the Next Normal will most certainly present novel opportunities and challenges. Organizations will have to build advanced risk sensing capabilities to proactively identify and mitigate risks posed by the new threat landscape. With Work-from-Anywhere becoming an acceptable norm for many organizations, the security and resilience focus will gradually shift from a converged to a highly-distributed operating environment, and will continue to evolve with time.
By Shree Parthsarathy, Partner, National Leader – Cyber Risk Services, Deloitte India