IT Lessons Learnt From 2020

—By Gemma Allen, cloud security solutions architect, Barracuda Networks—

Yes, it’s been mostly miserable, but don’t ignore the positives…

The biggest lesson to take from 2020 is that most of us have had an enforced trial of remote working. Even managers who were reluctant to trust their staff to work from home have been forced to let it happen.

Admittedly, the pendulum has swung too far because now we have as little choice about working from home as we previously did for working from the office. But many people have had the chance to work from home for the very first time. And despite some managers’ reluctance and worry about loss of control, the vast majority of people carried on doing a good job.

Of course, remote working can create a potential increase in risk, but it is completely manageable compared to just a few years ago. We have the tools to control what people are doing on their laptops and what networks they are accessing. We can create a network to meet the security criteria for 90% of organisations, only the seriously sensitive organisations may struggle to find and implement the controls they need.

Smart businesses have a vast choice from Virtual Private Networks, Secure Portals, Remote Desktops, Multi-factor Authentication, and certificates to mitigate the risk of access.

There has been a slight sense of panic from some managers at the prospect of losing control but that’s a perception of risk, not the reality. A business with a properly thought out remote working strategy does not need to increase its vulnerability to attack.

But there are lessons to learn. Many organisations took some short cuts back in March 2020 because we all thought we’d be back in the office in a few weeks. There were bodges put in place which organisations need to sort out now if they haven’t done so already.

Last year we saw customers wanting quick fixes to remote access. Now we’re seeing more sophisticated requests. People are not just setting up VPNs; they’re also making sure they’re keeping log files, checking access, and monitoring global performance and responsiveness. Most large organisations have already reached this point, but some smaller firms are still transitioning their quick fixes into long-term operational solutions.

This has been harder for companies reliant on legacy applications and platforms based in data centres. Cloud-based organisations have undoubtedly found it easier to adapt.

But assuming you’re not reliant on an old application running on a mainframe, there are numerous platforms and products to help you find a balanced solution. In fact, many organisations spend more time in planning, and wading through alternative solutions, than they actually do implementing the technology they choose. Cloud platforms make all this accessible to the non-specialist professional but if you’re not careful this can create management headaches down the line.

And of course, for most companies none of this is completely new, cloud technology is mature and most organisations had a cloud strategy in place. COVID-19 has simply accelerated the process.

But now is the perfect time to have a look back and learn some lessons from the last year. Look at how people are using the systems, look at the data you’ve collected, the support tickets for instance, to understand users’ pain points and what is working and what could be improved.

Equally look at shadow IT: are people using Dropbox to share files instead of the company-provided cloud storage portal? If so, find out why. Remember the best security is that which people use, not that which is such a hassle that they find ways to evade it.

But it is not just about being the bad guy. There are positives from the last year and we should work to keep the flexibility in systems which allow people to do their jobs while also having time to live their lives.

Happy staff will always contribute more than people who are stressed or fighting to keep up with their schedules. We can continue to learn and leverage the best technology to push this even further. There are undoubtedly features that you haven’t found, or that someone is using, that could have a wider benefit across the organisation.