Security in a Post COVID-19 World
The challenge is to determine what permanent changes will be born from this event and ensure security is prepared.
Since March, the biggest topic of discussion within the security industry is how security will be impacted by COVID-19 and the “new normal.” The primary concerns include managing back to work operations such as screening for potential COVID-19 symptoms, support for contact tracing and touchless access. However, these are measures that could subside once the pandemic is under control. Nevertheless, the COVID-19 pandemic is a historic event that will transform the workplace as we know it. The challenge is to determine what permanent changes will be born from this event and ensure security is prepared.
One change that most experts are in agreement on is the significant increase in remote working. The pandemic has forced companies to address and reduce limiting factors of remote working such as technology, workforce management and productivity. One study indicated that 77% of workers would like to continue to work remotely in some capacity (Human Resource Executive, 2020). Companies that are able to operate effectively with a greater remote workforce are more willing to consider this option than before for many reasons such as reduced costs, greater retention and increased labor pool. Numerous industry surveys support this perspective. For example, one survey showed that 78% of CEOs of major corporations stating work from home programs will significantly increase going forward and post COVID-19 (PwC, 2020).
If a company’s workforce will be comprised of a significant number of remote workers, there are new physical security implications to consider, plan for and address.
One issue is protecting corporate assets that are issued to remote workers. Assets like laptops, docking stations, monitors, printers, keyboards, mice and headsets can easily reach several thousands of dollars per employee. In the past, remote workers largely consisted of management or professional level employees that on average, live in relatively secure and lower crime areas. However, the increase in remote workers is likely to impact all types of employees including those who live in higher risk areas. In that scenario protecting company assets becomes more significant and may require a range of measures to be implemented such as providing physical locks for equipment, stipends for home security and security assessment tools.
Another area of concern is protecting people and operations. Traditionally, employees and their work were protected at a corporate site. With these same people working remotely outside the corporate security realm, they become more vulnerable. For instance, an employee who can perform certain corporate activities such as the ability to transfer corporate funds or who has access to secure data is at a higher risk. Protecting against this vulnerability may include several measures such as implementing a more secure process of accessing data or functions and improving home or personal security.
So, how can organizations mitigate the risks posed by an expanded work from home workforce? First, it is critical to involve Corporate Security in discussions and plans for any upcoming workforce changes. Be sure to identify potential issues or vulnerabilities and their risk to the company and proactively develop measures to address those that pose the greatest risk. Determine the costs and operational impacts of all potential mitigating measures and then assess which make the most sense to implement. Develop a plan of action for implementation to ensure a smooth and effective rollout. And finally, continuously monitor, solicit feedback and make adjustments to implemented measures to ensure ongoing effectiveness. Using this framework, organizations should have all the tools necessary to address the security concerns of a remote workforce.