Following on from a recent article looking at working remotely, this one will take a closer look at some of the previously mentioned 7 areas of collaboration and requirements.
These areas were:
1. Equipment (mobile and compute)
2. Access to and protection of data
3. Bandwidth and capacity
4. Video conferencing
5. Collaboration tools
7. Framework and policies
Below provides a quick overview of some of the pro/cons, advantages and risks and a very high-level view of associated costs.
1. BYOD vs. company-provided – Depending on company policy BYOD may be a less expensive solution, where companies may not cover the entire cost of equipment purchase. However, this is offset by a likely increase in supportability and compatibility issues, as BYOD requires to provide support for a wider selection of devices. BYOD also creates its own set of security challenges, as a balance needs to be achieved between securing the devices while still providing access to the equipment to its owners.
The “company-provided” option will also be influenced by the device type (laptop vs other solution), its capability to support working remotely and the “quality” of device, i.e. is staff able to work effectively with the provided equipment?
2. Access to and protection of data has been discussed previously, but involves the areas of
a.Backup – how easy (and costly) is it to backup and restore data?
b.Security – how to protect data from unauthorised access, e.g. covering areas like access management, and securing devices with the ability to remotely wipe content
c.Location and availability of data at all times – ensuring that data is available when and where needed, regardless if it is cloud-based, data centre-based or any other device like IoT.
3. Bandwidth and capacity – this ties in with point 1: where a VDI solution is provided as part of remote access, it must be ensured that the infrastructure is capable to support the users at all times. There is a number of options for VDI, i.e. all major cloud providers provide solutions; in addition, there are the established solutions by Citrix, VMware and others.
Likewise, staff should be supported with the provision or access to required connectivity when not in the office – be that through an appropriate mobile data plan or sufficient speed and capacity outside the office. Associated costs should be managed and reviewed regularly, especially as technology progresses.
4. Video conferencing – Zoom, Microsoft Teams, Cisco Webex, Citrix, and many more provide tools for virtual meetings. While they provide similar fundamental capabilities, they differ in setup, management, etc. To minimise confusion and reduce support issues, companies should consolidate as much as possible on a single platform and educate/train people in its use and configuration options.
Where things can get even more complicated is in the setup of physical meeting rooms, as the offered solutions (e.g. Polycom, Crestron, Logitech) will differ significantly in their setup and use. Too often meetings start late because staff spend the initial period of a scheduled meeting trying to figure out how to get the video setup in a meeting room to work.
5. Collaboration – this deserves a separate article of its own, as “collaboration” will depend to a large degree on a company’s requirements:
Security (item 6) and the overarching framework (item 7) will not be discussed in much detail. Security should be implemented after a thorough review of requirements and will include regulatory items as well as the sensitivity of any data stored and access to it. As mentioned in the previous article it will cover at least the following areas:
a. Multi-factor authentication
b. Enforcing of company profiles and security standards
c. Limiting access (e.g. based on a user’s profile)
f. Virus and malware protection
Creating the framework and the associated policies will depend on the existing and required level of maturity in addition to the requirements from items 1 to 6. The more flexibility is required for users, the better the documentation needs to be providing information on what is acceptable and what is not.
A final point that should be not ignored is to educate and properly train people in the use of the provided capabilities and functionality as well as in the overall framework to ensure that people understand their responsibilities and are able to use technology in effective and efficient ways.