Securing Government’s Weakest Work-from-Home Links
If asked who or what is driving your organisation’s digital transformation, how would you answer? Is it your CEO? Chief Technology Officer? For many, the answer is COVID-19. This certainly rings true for the public sector now that an estimated 70 per cent of the 1.2 million employees across federal, state and local governments work from home.
Of course, government IT professionals are used to managing complex and distributed IT systems and users, but COVID-19 really re-framed the IT risk management challenge.
The good news is that, as part of their business continuity plans, many government agencies had sophisticated teleworking systems and remote workplace collaboration software available when lockdowns struck. Staff could swiftly begin to work from home and continue with business-somewhat-as-usual. This was particularly true of the larger, more well-resourced agencies.
However, while the preparedness was commendable, it doesn’t necessarily mean that the new work-from-home environment is optimised for the performance and security that is so essential to government work.
In addition, this level of technological readiness and agility was more common among metro versus regional or local agencies. For smaller state and local agencies, enabling remote work was far more of a challenge—and in many cases, brought with it a notable increase in risk.
With workers spread across the country, and globally, connecting via the internet, remote work has brought with it many more connections that can fail. Support for thousands of new endpoints is now required. There are new challenges at an application, network performance management and security level. An evolved approach to IT risk management is more critical than ever.
Make working from home work better
Whether you’re a larger federal, or smaller local government agency, the next step is to optimise the remote work environment. Do staff have access to the technology they need to get their jobs done effectively? Are their home work environments fully protected?
Achieving this depends to a great degree on the functionality of your networks and applications—whether they are able to support the workload of your remote workforces, whether they are secure at a time when cyber-attacks are on the rise and whether they enable productivity. Poor network performance has the potential to create security, productivity and performance risk, as it can make or break application performance.
There’s somewhat of a negative feedback loop here, given that staff who do not feel adequately resourced to do remote work productively may turn to third-party applications—shadow IT—to get the job done. In just one example, the government banned the use of Zoom for federal politicians on 8 April 2020, and the Department of Defence has banned the use of this very popular video conference solution due to security flaws.
This can increase risks across government agencies at a time when high performance is particularly critical. On 19 June, Prime Minister Scott Morrison warned of a “sophisticated state-based” cyber-attack targeting all levels of government, industry and beyond. “It is vital that Australian organisations are alert to this threat and take steps to enhance the resilience of their networks,” said Morrison.
Seeing is optimising
Remote work is also creating new network visibility challenges that hinder the ability of IT teams to identify and resolve issues before they escalate. With additional complexity across the IT environment, it can be harder to detect where exactly issues were located—within external agencies’ infrastructure or somewhere else along the application deployment chain.
Understanding what is happening across your network, and where, is the first step to securely empowering remote employees and catching red flags before they turn into something that could land an agency in the news for all the wrong reasons.
By gaining a complete view of their agency, IT professionals can gauge performance everywhere, at all times, across a complex, hybrid web of legacy, mobile, cloud and shadow IT components. In this scenario, it becomes clearer exactly when, and where, there are improvements to be made or unusual activities to secure.
Riverbed’s unified Network Performance Management (NPM) makes it easy to monitor, troubleshoot and analyse what’s happening across your hybrid network environment. The integrated dashboard enables agencies to monitor, report and resolve operational issues throughout government operations. With end-to-end network visibility and actionable insights, any network-based performance issues can be proactively resolved.
A few examples of red flags that can indicate productivity or security issues lie ahead:
- Users are spotting issues unknown to the IT team
- Productivity is down
- Apps are taking a long time to load or there are regular site outages
Given what is now being forecast about the future, remote work will become more common than ever. As such, the visibility and optimisation that network performance management platforms like Riverbed NPM provide become increasingly important components of IT risk management.
While it is unlikely the government shifts to permanent work-from-home models like some Silicon Valley tech giants have proposed, early analyses show strong support to make remote work an accepted practice, rather than the exception. It is increasingly likely that the ability to support flexible work arrangements will become foundational to retaining and attracting the best talent.
In other words, as McKinsey and Company put it, “Since the world is unlikely to ever return completely to its pre-pandemic ways, the public sector should seek to rapidly change how it works, including improving its agility and productivity, in lasting ways.”
The future of the public sector will require more flexible, hybrid ways of work, enabled by secure, high-performing IT—whether its staff are gathered in offices in a city centre, or spread out across homes throughout the country and across the globe. Additional vigilance is critical. As organisations, we’re only as strong as our weakest link.