By Janet Balis
5m read time
After a year of social distancing, technology trends around how we work and how we shop have accelerated, with dramatic implications for IT networks and security. Companies today face a more complex environment of risk — whether from hackers with more sophisticated threats, from employees who can’t work effectively on a strained network, or from customers who are alienated by either slow and disjointed service or news of high-profile data breaches.
Many businesses today have networks and security architectures and operations that were built separately and therefore aren’t integrated as well as needed. New access gateways were added into networks to enable remote work, and employees are increasingly using their own phones and tablets to conduct business, offering new avenues for malfeasance. Customers also expect experiences that seamlessly crisscross physical and virtual domains. Meanwhile, incursions from bad actors, such as through ransomware, have grown more prevalent and more complex.
Long after COVID-19 dissipates, companies will need to ask if their network is equipped to handle the extra traffic and strain while simultaneously remaining secure. To find out, you first need to explore the ways in which your employees and consumers are using your network.
Remote work has been vital for protecting the safety of employees during the pandemic. But as in-office collaboration has fragmented, and as workers find themselves distracted or disengaged amid a stressful time, the safety of the business can be threatened. Phishing attacks, ransomware, malicious apps and improper data sharing are just a few of the risks. Meanwhile, a report by Netwrix showed that, as the spread of the virus intensified, 85% of surveyed chief information security officers said they sacrificed cybersecurity in the scramble to enable remote work. Because of this, rogue actors are waiting to exploit weaknesses to damage a company’s IT infrastructure.
“The work-from-home paradigm presents a traffic pattern change, adding stress to the network and traffic and network access points,” says Amr Ahmed, Managing Director, Technology Consulting, Ernst & Young LLP. “IT networks must have resilience to keep pace with the times.”
Even without a security threat, increased use of employee collaboration technology can stretch unprepared IT infrastructure. Potentially thousands of applications interact with on-premise and cloud infrastructure. Working from home changes online traffic patterns, which can cause performance and operation challenges and security risks if they are not monitored for anomalies.
A new normal of remote or hybrid work when the pandemic abates requires IT managers to think about monitoring and understanding workforce experience, through home or remote networks, to ensure that they can connect and utilize new technology tools. Companies can achieve this by:
The pandemic intensified e-commerce trends and further complicated consumers’ digital behaviors. Your customers have higher expectations, often shaped by interactions in other industries and services, and the bar is likely set by their last best experience. The digital and physical worlds are getting closer, and those companies that don’t follow suit will end up surrendering market share. Three expectations affect your company’s network infrastructure and security:
In response to changing technology and consumer demands, enterprises are constantly expanding the use of their existing IT infrastructure — posing challenges in maintaining the accessibility, performance and scalability across the hybrid landscape that the business and its customers require.
The complexity of services underpinning worker and consumer experiences demands a shift away from the “flat” network concept, which focuses on legacy network parameters and security architecture, without considering business functions, applications, services, partners and third parties, and others.
As companies move from linear to fully networked ecosystems, network traffic in the supply chain will explode. Companies that once were only connected to their tier one suppliers may now require visibility into tier two and three suppliers. This integration with suppliers may be accomplished through electronic data interchange, direct database connectivity via application program interface, or direct connectivity through a peer-to-peer platform. And while public blockchains might eventually take some of the strain off a company’s network, plenty of companies are looking at implementing private blockchains that will require constant communication with their participants.
Seeking more agile and resilient global supply chains, companies are also adding hundreds of thousands of internet of things devices to trucks, forklifts, factory machines and more, each emitting a bit of data to relay temperature, location, on/off status and other variables. In short, the data coming over the company network from suppliers and partners is about to explode.
Network traffic and access patterns have grown more prevalent and sophisticated — and companies should expect those trends to continue. An organization can expect breaches when its network security approach is too lax, yet the data flows for the experiences that remote workers and customers expect can suffer when your IT architecture and security policies are too stringent. Enterprises will need to balance network performance and security with enough agility to improve how they interact with employees, customers, suppliers and other stakeholders.
Jonathan Sears, Principal, Technology Consulting, Ernst & Young LLP, also contributed to this article.
This article was originally published on ey.com. For more information about how Ernst & Young LLP can help you unlock long-term value for your stakeholders and thought-provoking content for technology professionals visit ey.com/CIO.