In this article, Jeff Hausman, VP & GM of operations management (ITOM, ITAM, Security), ServiceNow, shares his advice on how IT departments can better manage the increase of unknown personal devices and collaboration tools amongst remote employees.
As companies continue to implement long-term remote and hybrid work plans, employees have taken it upon themselves to invest in their own personal technology and collaboration solutions and devices to be productive and collaborative from home.
As McKinsey & CompanyOpens a new window cited, remote workers are changing their consumption patterns in the shifts spurred by COVID-19, as sales of “home office equipment, digital tools, and enhanced connectivity gear†have boomed. I’ve seen this at my own company, where the number of unknown devices used by our employees has doubled since the onset of the pandemic.
However, this increase of unmanaged and unchecked assets is presenting quite a headache for IT departments. This is because assets that employees purchase on their own can expose businesses to complex security and management risks, as well as create a sprawl of solutions that are sometimes competing and/or are going unused.
From a security standpoint, the points of entry and attack surface grow exponentially with a remote workforce. Even before the pandemic, devices such as laptops and tablets were vulnerable to data breaches. According to a 2020 study by the Ponemon Institute and MorphisecOpens a new window , 68% of organizations experienced one or more endpoint attacks that successfully compromised data and/or their IT infrastructure. Combining the use of home networks with the increase of unknown assets to get work done creates a recipe for security threats.
Learn More: Asynchronous Work: How Digital Platforms Can Enforce the Boundaries of Work and Life
Further, from a cost perspective, unknown populations of end users can indirectly access systems that a company may not be licensing. As a result, in the event of a software audit or contract renewal, a seven or eight- figure true-up estimate might be presented by the software vendor. Additionally, cloud solutions are spun up daily and often go underutilized over time. For untracked assets, the billing meter may continue to run despite the employee no longer utilizing the solution.
To put it simply, if you don’t know what assets you have to manage, you can’t effectively track and secure them or mitigate the risks around them. Here are some steps that IT departments can take to better manage the influx of unknown, personal devices and collaboration tools amongst remote employees in this new era of work:
1. Start At the Source To Ensure Accountability Across the Organization
Enterprises should create a clearly defined process by which their employees can request and add technology assets to the corporate network. This prompts employees to think through what they are buying, if they need it, how they will use it, and most importantly, if they can make a business case for their requested asset.
2. Discover All Solutions and Devices
You can’t protect what you don’t know exists. Conduct an audit that discovers and identifies end-user devices, hardware assets, software solutions, SaaS infrastructures, and public cloud tools leveraged by remote employees. This will help IT departments answer basic questions such as how many vulnerable installs do we have? Why do we have ‘X’ number of laptops in a certain country where no employees are based? Which assets have corporate confidential or customer data on them and are subject to privacy laws and regulations?
3. Monitor and Reconcile Assets To Optimize Costs and Mitigate Issues
Use automation to monitor and track assets being operated, serviced, and patched, as well as categorize signature patterns discovered on the network into buckets like vendor name, device model, device ID, and more. This enables IT departments to act on issues such as inventory discrepancies, underutilized cloud waste, and/or lost or stolen assets proactively. Garnering business context into these aspects can both optimize costs and enhance the employee experience since you aren’t waiting for these issues to evolve.
4. Properly Dispose Of Assets So That They Can Be Used More Efficiently
Enlist the power of automation further to implement a system that allows employees to offboard or retire technology assets that are no longer in use. IT departments can then proactively plan for equipment upgrades, lease expirations, and inventory swaps. An added bonus is that this process allows IT to be more sustainable, as retired devices can be identified and used for technology donations.
Learn More: When Design Meets Performance: How to Ace User and IT Remote Work Productivity With Thin & Light Devices
As we move into an era of distributed work, companies will be expected to provide the assets, systems, and collaboration tools employees need to do their jobs. However, the increasing flexibility of technology, such as SaaS, for example, means solutions will continue to be purchased by business units rather than centrally through IT departments.
IT will still be tasked to manage all assets and support flexible models, but following the above steps will give them the ability to oversee the technology lifecycle from request to disposal,     better equipping them to serve a hybrid workforce.