By 2020, information security will become the key enabler in allowing organizations to operate in a highly collaborative world where workers can utilize any device they want and run virtual applications (or “apps”) that are hosted and secured through a centralized cloud network. Just as the Internet has redefined the way people work, cloud computing provides a platform for new disruptive technologies that will reshape the workplace management industry. Organizations need to adapt their security strategies for this radical shift or risk being left behind. Over the next few years, there will be two key industry changes that will drive this transformation: BYOD and cloud technology.
The BYOD, or “bring your own device,” phenomenon in the workplace is being driven by the consumerization of IT; the latest gadgets and technologies are now emerging in the consumer market before they gain acceptance in the business market.
Every organization is under pressure from team members to allow them to use these new consumer devices at work. This pressure is only increasing as users are finding the new smartphones, tablets and laptops they purchase for personal use are more productive business tools than what is supplied by their employers.
The tech-savvy Gen Y worker will become the predominant user group in 2020, and is not going to stand for using last year’s technology or carrying around multiple devices. Companies will risk losing talent to competitors who embrace collaboration and have a platform supporting a worker’s personal technology ‘ecosystem.’
The additional complexity of more devices and operating systems also brings serious security risks to corporate networks. The facilities management industry encompasses a wide range of industry sectors where the nature of business is highly sensitive and heavily regulated with compliance requirements and internal governance. An information security strategy is imperative to prevent data theft and regulatory noncompliance.
The following five strategies can help minimize the risks associated with BYOD.
- Implement a mobile device management platform that can manage personal devices in addition to all company-owned devices.
- Develop mobile apps that support multiple platforms while conforming with IT policies and corporate compliance requirements.
- Create multiple zoned network access controls to allow user authentication for mobile devices and the ability to limit access to data.
- Install virtual desktops that allow users to access the network through multiple devices while ensuring data controls are in place through the virtualized environment.
- Implement identity and access management tools that provide secure mobile access and support single sign-on.
Cloud computing is a buzzword that has different meaning to different people. For some, it can be as simple as accessing a web application. For real estate managers, it’s about having an external computing tool that removes geographic restrictions and allows for immediate access to portfolio information.
Cloud-based tools that support real estate portfolio decision-making are becoming must-haves as facility managers are under increased pressure to go beyond tactical day-to-day operational tasks and provide useful information and analysis as inputs into strategic actions that deliver energy, environmental and operational results.
The emergence of cloud networks brings new opportunities for workplace collaboration, enabling easier and cost-effective ways for workers to stay connected with each other.
By 2020, all personal and business devices will be synchronized to at least one cloud service. Buildings will feed live data to the cloud through connected sensors and controls hardware. All business applications and virtualized environments will be delivered through cloud networks. Social networking, originally consumer oriented, will replace e-mail as the primary communications tool.
This convergence of mobile devices, building data and cloud services leads to a highly critical centralized data repository that can create security challenges that must be addressed in a company’s documented information security strategy. These strategies can include the following:
- Using encryption as a fundamental control for all data in motion;
- Assessing and classifying enterprise data to focus on protection for the most critical data;
- Ensuring compliance and privacy controls meet the local requirements of users;
- Establishing an IT governance team responsible for managing cloud computing risks; and
- Developing a business continuity program and disaster recovery plan for cloud services hosted in-house and by third party service providers.
Information security is a key component and enabler for making the transition to cloud services a successful one. The traditional definition of information security is undergoing a major shift from protecting assets within a firewall to managing assets outside the firewall. The network is no longer a fortress and modern corporate networks must adapt to become more like cities that are dynamic with complex boundaries. IT departments are key to unlocking their organizations from the constraints that come with the old approach to device and user management.
Dar Lei is a senior marketing specialist at BLJC, a Canadian leader in workplace management that provides services across more than 134 million square feet of real estate. Dar can be reached at firstname.lastname@example.org.