One of the new work policies that emerged with the pandemic was hybrid work. According to the 18th edition of the Robert Half Confidence Index, the model was used in 2022 by 48% of the surveyed companies.
In addition to opportunities, adopting a hybrid work model presents several challenges, such as providing employees with the appropriate technology and implementing new policies to manage the team.
The way of working became mobile, using devices and networks that lead to greater adoption of cloud collaboration technologies to share potentially confidential information among colleagues. It creates new cybersecurity challenges for companies.
Here are some recommendations to ensure the security of this hybrid work model and also balance accessibility for companies.
Reinforce device security: Devices used by employees for work-related tasks should be kept up-to-date with the latest antivirus to reduce the risk of external threats.
Optimize productivity and collaboration: In a hybrid workspace, companies must balance the security of collaborative work and employee productivity. Without proper controls, collaboration tools can expose organizations to risks.
Internal threats are present when the team uses workflow collaboration tools. They can take different forms, for example, accidentally sharing a customer database, intentionally disclosing the company business plans or sending confidential data to the public cloud.
DLP solutions with content-based protection capabilities can help reduce these security risks by monitoring and blocking shared private data.
Adopt Zero Trust: ‘Never trust, always verify’ is the basic principle of Zero Trust and means that there is no implicit trust in networks, systems or data. If the organization adopts a hybrid model, it means a mobile workforce and the need to protect people, devices, applications and data, regardless of the location.
In this case, DLP solutions support the Zero Trust concept, and everything is blocked, allowing access to content according to the needs of each employee.
Daniel Niño, Platform Manager, Axity
The hybrid era of working from home and the office has presented many challenges for organizations regarding their infrastructure, security and use of the cloud. Regarding the complete adaptation of our organization, we can say that we have taken measures to address these challenges, although there is always room for improvement.
Firstly, regarding the cloud, we have adopted a hybrid cloud approach that allows us to take advantage of the benefits of both public and private clouds as needed. Our employees can securely access relevant applications and data from anywhere, and we have implemented policies and procedures to protect confidential information.
Regarding communication infrastructure, we have upgraded and expanded our connectivity capacity and implemented tools and platforms that enable effective and secure collaboration within and outside the office. We have also provided employees with the necessary resources to work effectively from home, including devices and access to the network.
Concerning security, we have implemented additional measures to protect our systems and data, including multifactor authentication and rigorous security policies. We have also provided training and qualification to ensure our employees are always aware of the best security practices.
However, we are always in constant pursuit of continuous improvement. We are exploring ways to simplify our infrastructure and processes further to ensure our employees can access the tools and information they need more efficiently and securely. We also continuously monitor security trends and adapt our policies and procedures accordingly.
The most important thing we have done is to involve employees in the change management process in this new way of working. They are allowed to provide feedback and contribute to the planning and execution of the change. It can help increase employee acceptance and engagement and foster a collaborative and supportive environment during the transition.
Change management is crucial for successfully adopting new technologies in hybrid work. By preparing and educating employees, clearly communicating objectives and benefits and working together to overcome challenges, we can ensure that the change is a positive and transformative experience for the entire organization.
Jairo Correa, Head of Applications Management and Infrastructure, Endava Bogotá
Endava began adopting tools and processes for a hybrid model sometime before the COVID-19 pandemic, and it has accelerated implementation and tested all established controls. Over time, we have learned from the process and improved how we set up the organization to support all our collaborators.
Endava is a global organization with thousands of Endavans across five continents. In this context, the cloud infrastructure was designed to be scalable and flexible.
Some controls have been implemented in the tools to allow their use from anywhere and to guarantee access and support to all our Endavans. The network that supported our operation in the traditional model was expanded to allow for flexibility in remote work while providing the same level of security expected by our clients within our offices.
Similarly, device management practices, access identity management and network infrastructure were designed to provide appropriate security to meet our standards and industry regulatory frameworks.
There was also a strengthening of online collaboration tools with greater security, but all our Endavans access video conferencing, chats and documents to work effectively from anywhere. My colleagues are all over Latin America and Europe, so we did not feel much impact on how we work together with the hybrid model.
Security is a huge issue in an organization like ours, but I can share that we have implemented clear policies and procedures to ensure that our data and that of our clients are protected, secure and compliant with the regulatory frameworks in which we operate.
Although for many of us, the way we do it is transparent because it happens on the platforms we have always worked on, measures such as data encryption, secure access through VPN, permission and access management are part of our workflow organically.
All these security measures can be effective, but the most important part has been ensuring that we all have safe practices in our work. We have solid technical security communities and actively participate in community forums such as OWASP in the different chapters of Latin America, where Endavans share knowledge and stay updated with best practices for implementing security in our projects.
Similarly, we count on an excellent security team, which keeps us alert with many campaigns and attack simulations.
Ana María Franco, Business Manager, InterNexa Chile and Colombia
The COVID-19 pandemic undoubtedly left us with many lessons and challenges to redefine various situations in our lives, both personally and professionally.
One of the most relevant issues that emerged for those leading human resources was the need for physical presence. Questions arose about the necessity of having 100% of employees working in the office, the opportunity for a better work-life balance with hybrid work arrangements and the logistics, security, information protection and resource optimization implications of these arrangements.
At InterNexa, our employees started working from their homes the day the pandemic was declared critical by the responsible public health agencies. It happened in the different countries where we have a presence without negatively affecting the business continuity. The productivity increased, and sales went up. In addition, people reported finding a better personal, family and work balance with this model.
Therefore, we decided to adopt a hybrid work model indefinitely and for the long term to maintain productivity and allow our employees to have the better work-life balance that this approach provides.
A central premise for the success of this movement was that we had all the infrastructure in place so that each employee could have the necessary information to work outside the office securely, always safeguarding information, which is our most valuable asset. We ensured that our most critical information was in our cloud, which became an excellent ally under this model. Furthermore, the information protection mechanisms were activated and functioning perfectly.
We also provided ongoing training and education to be aware of potential cyberattack risks, always keeping in mind that people are the weakest link in the chain regarding attacks.
In conclusion, we can say that InterNexa is now a company fully adapted to the hybrid work model, which has made all our infrastructure, portfolio and services available to make the continuity of our operation possible without the location where our employees work being a hindrance or obstacle.