Getting your IT right…January 14th, 2019
O2 Business report recently about getting your IT right…
Ask many IT professionals what the greatest threat to their organisation is, and you may be surprised by what you hear. Often it’s not malicious hackers, or unscrupulous competitors, or even corrupt individuals within the business that IT departments point the finger at. Instead, it’s two words: “user error”.
Even well-meaning employees can inadvertently cause problems for IT staff, and there’s a tendency for tech workers to greet every new story of breaches caused by password reuse or bogus phishing emails with a roll of the eyes and worrying lack of surprise.
Instead of lamenting users who aren’t as familiar with the ins and outs of technology as we are, and lamenting the security risk they represent, the IT community can embrace the value of its people and educate them, turning a potential security weakness into a strength. Technology empowers people to carry out their jobs effectively, but to achieve that benefit, an organisation must train its people on security and mobile device management to protect them and itself.
After all, the unfortunate fact is that security slip-ups can happen to anyone, regardless of how tech-savvy they are. All it takes is one lapse in concentration, and you can be unwittingly handing over your credentials or data to an attacker. Just ask O2’s Head of Digital Specialists, Lee Hargadon, who documented an instance of having his debit card cloned for O2’s Business Blog.
“The human factor will always be a weak element of your cyber protection strategy, and given the ease of use of mobile, it’s the next threat vector to be dealt with,” Hargadon wrote. “
If you need more proof, just look at the amount of organisations that have suffered data breaches thanks to IT staff failing to password-protect their cloud storage services
It’s not all doom and gloom, though. A properly educated and empowered workforce can be a business’s strongest asset, and using technology in the right way can help them deliver more effectively. A business that understands how its people work is better placed to improve its overall security posture across the board and make itself more resilient. Spam and phishing emails are a great example; you can ignore employee training in favour of firewalls and enterprise anti-spam defences if you want, but that means that when a malicious email slips through the net – and it really is a matter of ‘when’, not ‘if’ – your people may be unable to spot the warning signs and be unaware of the risk opening that email poses to the business.
This also applies to other phishing methods, such as over text or social media. Can your anti-spam software guard against a bogus Facebook message targeted at the team member who runs your social media, or a malware-laden text purporting to be Domino’s offering a free pizza, sent to a corporate device?
If, on the other hand, you give your people proper training on phishing – including what it is, how it works, what the techniques are and how to spot them – you can harden every department in your business, empowering them to fight off anything that gets through the firewall, without having to rely on IT. As an added bonus, it’ll also make them more generally tech-savvy, as well as making them better at sniffing out scammers in general.
Of course, when it comes to empowerment, technology has other vital roles to fulfill outside of security. For example, the right technology can do a lot to boost employees’ productivity, allowing them to get more done, faster. You should make sure that you’re giving employees the right devices for the right jobs, which means looking at the needs of individual workers.
If they spend a lot of time outside of an office environment, they won’t need a desktop machine – but a smartphone or tablet device may be better-suited to their needs than a laptop, if all they need to do is respond to emails or fill out a few forms. Making sure that your people have the right tools will ensure that they have all the capabilities they need, without them having to drag around an unnecessarily large device. A secure smartphone is just as effective as having a PC but sits in your pocket.
Technology can be used to support remote workers too, and it can be really important in making sure that they don’t feel isolated and left out. It’s easy for individual field workers to feel like they’re on their own, and can quickly lead to them feeling undervalued and overwhelmed. Using collaboration tools can help remote workers keep in touch with colleagues at head office who can offer support and assistance, and can also connect field workers across the country. As an example, a domiciliary care organisation has issued mobile devices to its team of care workers, who spend most of their time visiting patients and rarely checking into the company’s offices. By using mobile devices and cloud apps, their carers were still supported and connected when they were out on the road.
Similarly, when one online retailer began expanding globally it brought people together with a cloud-based storage solution that integrated with the business’s existing technology and working methods. This allowed its global workforce to stay connected, whether they’re stationed at the UK office or working remotely.”
Technology can have a huge impact on the processes and procedures that help you run your business, but it’s important not to forget that technology should serve people, not the other way around. IT can empower and connect individuals, making them more secure and efficient at work, but also helping them be happier and more fulfilled in their work life generally.
In association with O2 Business, Jan 2019