Security

Before joining CDW, I served as the director of curriculum and innovation for a large school district in Texas. In that role, I witnessed the creativity and dedication of teachers firsthand. I often traveled with those educators to conferences where we learned together about exciting new technologies that could transform the classroom experience. When we arrived back at work on Monday, we were often disappointed to learn that the networking or security teams wouldn’t allow us to use our new favorite tool in the classroom due to privacy issues.

Back then, I had a hard time understanding the rationale behind those decisions. I felt like the “Department of No” was simply getting in the way of the real work of the district. Today, that experience helps me understand both sides of the equation as I work with CDW clients to develop their security programs.

I know that teachers are only trying to do what is best for their students, but they often don’t understand that they might be putting children in jeopardy if they’re not using safe, vetted applications in the classroom. That’s why I helped develop the K-12 Blueprint for Security toolkit, to better educate administrators, teachers, students and parents about privacy and security risks.

Recent events turned our working lives upside down. With very little notice, millions of people around the world were sent home from their offices to suddenly adopt a remote work lifestyle. Four months into this adventure, most knowledge workers have adapted to working styles that replace conference rooms with video meetings and coffee chats with virtual happy hours.

I believe that we’ve arrived at a new normal where remote work will become a standard arrangement for knowledge workers. Both companies and employees will benefit from this approach. While employees can better balance their lives, companies will be able to reduce overhead expenses by consolidating and eliminating expensive physical offices. This work style comes with new cybersecurity considerations, and I urge organizations to adopt six key practices to adapt to our new working patterns.

While we at CDW are in the business of providing IT solutions and services to our customers, behind the scenes we deal with the same operational issues that other enterprises face. Earlier this year, our leadership made the decision to close our offices and arrange for all non-essential CDW coworkers to start working remotely.

Over the course of a weekend, our Information Technology teams gained firsthand knowledge of what our customers were either already going through or soon going to be. It was a tall order to tackle the enterprise networking, storage, security, collaboration and communication needs to allow 7,100 coworkers to work from home, but our teams rose to the task. Now, we’re sharing our experience with our customers.

As organizations across the country have moved to remote work models, many have reported an increase in cyberattacks. Cybercriminals, it seems, are taking advantage of the public health crisis to exploit security vulnerabilities in home-based computer systems. What can organizations do to minimize the chances that their shift to remote work results in an expensive breach? We recommend a multipronged approach that combines the use of security tools and end-user education.

The fact that compliance efforts can be challenging is no surprise to IT professionals and managers. Today’s regulatory environment is full of security and privacy regulations that place strict limits on the collection, handling and storage of sensitive information, and IT teams often find themselves responsible for the heavy lifting of compliance programs.

I recently had the opportunity to visit with a retailer that operates a large contact center to support its international chain of stores. The company was in the early stages of reviewing its compliance obligations and asked us to find ways to modify business practices to reduce the scope of its compliance efforts. After reviewing the company’s activities, we discovered a few small changes in the way the company handles information that could dramatically reduce its compliance burden. Organizations across industries can draw lessons from this experience as they seek to reduce their own costs of compliance.

The global pandemic and social distancing measures have redefined the office for many people. Industries that never would have considered allowing their office employees to work from home were forced to rethink decades of business as usual.

This change has also brought new technology needs. Since these businesses had built technology infrastructures that relied on traditional network and application architecture, a shift had to occur. Suddenly, IT departments were dealing with overloaded VPNs or having to deploy a VPN that they never had to maintain before. Compound that with the fact that users are now accessing company resources from networks or assets that corporate IT has no control over, that most home routers are still vulnerable to exploitation and that, in many cases, the network gates were flung open in the name of productivity ― it’s enough to give any CISO an ulcer.

So how can companies mitigate these risks? Now that everyone is settling into a routine and we’re adjusting to this “new normal,” it’s an ideal time to reach out to your users and talk about security.