Let's be honest, early 2020 work-from-home policies were built virtually overnight, with little thought put into them. Given the limited time due to the rapidly growing COVID-19 pandemic, organizations cut corners to get employees up and running remotely without impacting business operations.
The unfortunate rush created a situation where users have taken further liberties by integrating their own consumer-grade collaboration devices and accessories into business processes. This has created numerous headaches from an IT security and administration perspective. Let's explore options for how IT leadership can rewrite the rules on end-user home collaboration devices by creating an updated end-user device policy to ensure a business can better control UX and cybersecurity with relative ease.
Option 1. Eliminate BYOD
Over the past few years, work from home (WFH) employees have been creative when it comes to using consumer-grade collaboration technologies and add-ons to their advantage. Examples of BYOD include the use of personal laptops or desktops, add-on webcams, consumer-grade wireless headsets or earbuds, and even the integration of home automation appliances, like Google Nest or Amazon Alexa.
When it comes to collaboration quality, reliability and manageability from a business perspective, however, these unique uses of BYOD technologies tend to be more detrimental than helpful. One reason is that the quality of these components varies greatly, creating a situation where UX fluctuates depending on the devices in use. Second, IT support teams are often forced into troubleshooting an unlimited range of collaboration devices, which creates a tremendous time sink.
The easiest, yet most drastic solution to the overuse of unrestricted BYOD collaboration device usage is to simply eliminate it. Of course, this shift will likely produce the biggest end-user backlash. It would also require that the business offer WFH employees enterprise-grade collaboration devices and accessories to fill in the gap for BYOD tools that would no longer be allowed. A budget also would be required to satisfy this new policy. That said, the overall collaboration experience will return to balance, and the burden placed on help desks when troubleshooting consumer-grade devices would be largely eliminated.
Option 2. Limited BYOD
A compromise that might be more appealing from a WFH end-user and Capex standpoint might be to limit the type, makes and models of devices and accessories that can be used and supported within an organization's collaboration platform. Doing so significantly reduces the number of components IT support has to be familiar with from a troubleshooting perspective. At the same time, it makes it easier to create a baseline for acceptable UX-quality levels that can be monitored and tracked over time. While this model will undoubtedly not receive full support from all users, it's a compromise that most will understand and accept over time.
Add extra cybersecurity protection
In addition to BYOD decisions, every reworked policy for end-user home collaboration should address and bolster cybersecurity requirements. In many situations, cybersecurity policy requirements were written in a haphazard manner or completely ignored because the underlying remote access infrastructure wasn't comprehensive or scalable enough to take on the extra load. In many cases, organizations cut corners that created security vulnerabilities when remote users connect to collaboration services inside data centers or clouds. In certain cases, vulnerabilities in consumer-grade collaboration BYOD components created the entry point, providing a pathway into the greater corporate network.
Now that remote workforces in many organizations are here to stay, a long-term cybersecurity strategy must be introduced to account for these WFH remote access security shortcomings. In many situations, a complete overhaul of WFH remote access is in order. Popular options to remedy cybersecurity gaps include the following:
- hardware-based teleconferencing security appliances;
- secure virtual desktop infrastructure;
- desktop as a service; or
- integration of a Secure Access Service Edge
Depending on the organization's need, these remote workforce access options provide plenty of cybersecurity protection for sensitive business communications.