If companies want to implement the Everywhere Workplace for their employees, they must protect the digital workplace against new attack vectors. However, the potential of IT security in the remote working world has not yet been exhausted. In addition, management sometimes takes a different position than IT regarding IT security and digital strategy. This is shown by a study on the Digital Workplace by WEKA Consulting and the independent market research institute IFAK in cooperation with Ivanti.
Danger recognized, danger averted? Not in the Digital Workplace – here, “risk misjudged” applies. Because companies want to implement the Everywhere Workplace for their employees, they must also protect the digital workplace against new attack vectors – with modern technologies. However, the potential of IT security in the remote working world has not yet been exhausted. In addition, management sometimes takes a different position than IT regarding IT security and digital strategy. This is shown by a study on the Digital Workplace by WEKA Consulting and the independent market research institute IFAK in cooperation with Ivanti. So what about the security of the digital workplace?
Table of Contents
Hybrid Work (further) On The Road To Success
Mobile working has been the standard for most industries in the last two years due to the pandemic – which had to be made possible on a broad basis in many companies at short notice. IT departments have therefore done their best to keep their colleagues able to work in the mobile workplace. With success: Two-thirds of all respondents are so satisfied with the concept that they would like to be able to switch between a workplace in the office and a freely selectable workplace even after the pandemic has passed. Every third study participant already works hybrid with a limited number of home office days. Just as many respondents work in combination without restrictions and are free to choose how many days they work away from the office. IT employees are even more in favor of hybrid working than management.
Neglected Digital Strategy
A hybrid working environment is primarily based on the provision of functional and secure jobs. Many companies and their IT departments have come a long way here. However, the strategic foundation for this hybrid work concept, which has emerged in many places at breakneck speed, is often missing. The task now is to organize these grown structures and set them up in a goal-oriented manner. Because the new working models require new processes and tools. The study shows that companies are working on such digital workplace concepts differently.
In addition, the perception of these strategies by IT professionals and management often differs. Only one in ten IT experts surveyed agreed that their company pursued a targeted digital workplace strategy. However, twice as many of the managers surveyed share this opinion. Therefore, a targeted and comprehensive digital workplace strategy is missing or not recognizable to the employees, although it is indispensable for a functioning and secure hybrid workplace.
The study also shows that management and IT experts have different perceptions of where responsibility lies, how well-positioned a company is, and which steps should be prioritized. This represents a clear hurdle – and prevents adequate protection against dangers.
Hardly Any Influence Of IT Teams On Digital Concepts
The differences are already apparent in who is responsible for developing the digital workplace strategy: 82% of management see themselves primarily responsible for designing a hybrid workplace strategy. However, only under half of the respondents from the IT department share this assessment. They also see their department as responsible – management hardly shares this view. These discrepancies mean that digital concepts are not developed holistically – regardless of who is accountable for them because management and IT managers have to pull together for a good and secure strategy.
The results of a study on the integration of IT in decision-making processes show that this is not the case everywhere: More than half of the managers surveyed stated that the role of IT departments in companies has changed and that they are more closely involved in strategic processes and decisions. However, very few of those surveyed from IT see it that way – they feel left out.
IT Security Is Not Prepared For The Digital Workplace
However, a digital strategy designed by experts is necessary. This is already evident in the hardware: mobile hardware is the future of the digital workplace, allowing people to work from anywhere. The companies have already done an excellent job in this regard: almost half of all respondents are satisfied with the company’s equipment in mobile device management or enterprise mobility management.
However, there is a backlog and discrepancies between the positions in the company about IT security hardware and thus the protection of the digital workplace. Here, the management level sees their organization as better positioned than the IT experts: Almost eight out of ten managers surveyed rate the equipment with IT security hardware as “good” or “very good” – only six out of ten IT experts see it the same way. Almost a third of them rated the equipment with IT security hardware only as satisfactory.
Suppose the management overestimates the company’s security and therefore sees no need for action. In that case, this can have fatal consequences: Attackers look for the weakest point of a company – often the employees’ mobile devices. Companies usually handle the security of the digital workplace too inexperienced. On the other hand, IT sees the lurking danger: A quarter of those responsible for IT believe that IT security is only partially equipped for the digital workplace. On the other hand, the majority of managers consider IT security to be very well positioned. After all, they also see a need for development.
Challenges Should Be Solved Together
It is not surprising that the extent of the investments required for this development is assessed differently. Management and IT departments are fundamentally in agreement: alongside suitable notebooks and a broadband connection, IT security is one of the three key technologies in the digital workplace – for management, it is even the most important.
At the same time, an increased IT security risk is the biggest hurdle to a digital workplace for almost half of the management. IT managers also agree that conflicts with the management level are an even more significant challenge than securing the digital workplace. This result indicates a technology issue and a work culture issue that both sides should work on together.
IT Teams Rely On Preventive Security Technologies
If cooperation were to increase, there would also be a more rounded picture in strategic decisions on IT security technologies. Compared to IT, management relies more on reactive security technologies such as backup and data security. You can recover data after an attack. On the other hand, IT teams are more in favor of preventive technologies that prevent attacks on employees, such as mobile device management, identity & access management solutions, or monitoring solutions. However, reactive and preventive strategies for protecting digital and mobile workplaces should be balanced for adequate protection.
People are sometimes the most significant IT security risk. Therefore, training is one of the essential tools to ensure a high level of IT security in the digital workplace. Management and IT agree that employees’ preventive training is equally valuable and necessary. Overall, the study shows that all respondents still rely heavily on classic protective measures such as VPN, backup/data security, antivirus/antispam/antiphishing, or firewalls. More modern standards such as identity & access management, mobile device management, enterprise mobility management, or patch management still hardly play a role for companies.
Make IT Fit For The Future
These results are questionable, especially intending to secure remote working environments. Because for companies to benefit from the advantages of the digital workplace, management and IT departments must address the topic of IT security in a targeted and far-sighted manner. Preventive protective measures and a standard digital strategy are required to effectively protect the digital workplace from attackers.
Overall, the study sheds an attractive light on the sometimes significant differences in perception between company management and IT teams about securing digital workplace structures: While the management level sees their organization as well-positioned, the IT experts remain more cautious. The Everywhere Workplace creates new attack vectors that can only be closed with consistent mobile security concepts such as zero-trust security and biometric authentication processes. Here IT is even more required to seek close exchange with the management and position itself as a strategic partner.
The Digital Workplace will continue to gain a foothold as a new working model. From now on, IT and IT security teams no longer just have to make hybrid forms of Work possible and secure digital workplaces. IT can play a pioneering role in this and distinguish itself through forward-looking security strategies in the company. Modern security concepts such as zero-trust, mobile threat defense, identity management, passwordless multi-factor authentication (MFA), or role-based access control that includes the user’s location are the future of functioning and secure the digital workplace.