Mumbai: ITSM (IT service management) continues to be effective in a remote work environment believes 72% IT Professionals, according to ManageEngine’s latest survey.
ManageEngine’s survey titled ‘The State of ITSM in the Covid-19 Pandemic‘ has tried to understand what real challenges and the implications, IT professionals are facing due to the on-going pandemic crisis. The study polled 519 IT professionals with 15 questions.
Key highlights from the report’s findings show:
• Over 70% of IT professionals believe remote ITSM has been effective; however, more than 50% said their organisations had no BYOD policy in place when the pandemic started.
• IT professionals noted their biggest challenges have been employee training and knowledge management (40%) and securing data across distributed networks (36%). Surprisingly, VPN issues and the acceleration of service desk tickets ranked lowest.
• While nearly 2/3 feel their company’s cloud capabilities were essential to business continuity during this crisis, nearly half (48.5%) feel that IT will still not be taken seriously post-pandemic.
Q1. Based on the survey findings, would it be right to say most organisations in India have left out the BYOD aspect in their IT plannings although in the current scenario work from home (WFH) has been the new norm?
Kumaravel Ramakrishnan: While the survey did not focus on demographics, including specific locations, our experience with customers shows that BYOD in India has largely followed the global trend of growth. A tech-savvy workforce, aided by booming smartphone and internet penetration has enabled companies to embrace the concept of BYOD more as a cost-saving mechanism than as a Business Continuity Process ( BCP) alternative to corporate devices.
The vast majority of Micro, Small and Medium Enterprises ( MSMEs) in India, including burgeoning startups, have embraced BYOD and that has certainly helped business continuity in these times. Among businesses, the IT/ITeS companies have taken the lead in formalising BYOD policies. Other sectors like BFSI, healthcare, telecom, education and more have enabled employees to use personal devices for corporate work as part of their larger efforts in streamlining IT.
Companies have woken up to increasing cybersecurity threats and have scrambled to protect end points, be it corporate devices or personal devices which inevitably carry corporate data due to the overlap of usage for personal and professional purposes. This has actually been a blessing in disguise helping businesses maintain continuity outside of the corporate perimeter in these times.
Nevertheless, in these times, the absence of stringent security policies enforced, it would lead to these devices being vulnerable attack points and companies would have to double up their efforts on end point protection.
Q2. Has the lack of BYOD aspect in the overall BCP in past years, led to an increase in the security risk element and challenges for the organisations operating in the current WFH scenario due to COVID-19?
Kumaravel Ramakrishnan: The Covid-19 pandemic saw severe disruption of traditional concepts of work and accelerated remote work adoption like no other. With only a few days notice, employee homes became remote offices and for a majority, the lines between personal and corporate devices completely blurred.
For many companies, the prospect of almost all employees in home offices with personal devices outside of the corporate perimeter wasn’t exactly factored into business continuity plans and that opened up security and privacy challenges for IT organisations to understand and mitigate.
Be it the simple act of accessing mails, or company networks and applications from personal devices, a strong BYOD policy ensures that these activities don’t introduce security risks or vulnerabilities into the corporate network. In the absence of BYOD policies weaved into BCPs, there’s an increased risk of data leakage at different points of use. Malicious malware and Wi-Fi hotspots are common sources of security breaches resulting in loss or theft of corporate data.
This can be compounded by the fact that employees tend to use personal gadgets for work when corporate devices are damaged and no replacements are available. Without the increased governance and oversight available within corporate networks, malicious insiders can elevate their privileges and remote access resources that they are otherwise not authorized to access.
This calls for IT teams to closely monitor and manage privileged access to their networks from personal, and even company devices used from outside the security perimeter. Added to all this is the management of security and privacy concerns when employee devices are misplaced or stolen.
Q3. While over 50% organisations lacked the BYOD planning but do you think the cloud adoption has played a bigger role in enabling organisations to continue their business operations and their employees are able to access to enterprise applications and data remotely?
Kumaravel Ramakrishnan: The survey revealed that of the organisations that had moved much of their IT to the cloud, two-thirds felt that this had helped them considerably during the COVID-19 crisis. In fact, for one-fifth of organisations, the impact of the pandemic has caused them to reconsider, and regret their delay in, moving key services to the cloud.
The use of cloud services was an important factor for ITSM success during the pandemic with most organisations that had critical pieces of the IT infrastructure on the cloud reporting that their transition to remote work and overall business continuity was seamless.
In the months to come, clearly companies that had invested in cloud IT infrastructure stand a better chance of recovery and survival than others that did not. With workforce dispersed geographically, the cloud lets companies quickly increase capacity without investing in hardware and facilities offering flexibility and scalability.
More importantly the fact that cloud providers act as extended IT teams maintaining cloud infrastructure and IT teams do not have to ‘ keep the lights on’ with restricted staff is a huge plus. A cloud native IT infrastructure helps organisations respond to change and uncertainty better. All this said, even as organisation move to a cloud first approach, it is important that application, infrastructure and data security is not compromised.
Q4.Lastly, based on the survey data and findings, how would you assess the overall preparedness of organisations in India in terms of the ease of WFH as well as enabling enterprise IT infrastructure including application and data access remotely in context to BCP ?
Kumaravel Ramakrishnan: Over 70% of the survey respondents, across all geographies indicated that IT service delivery teams were able to seamlessly transition employees into the remote work mode and we believe that India is no exception.
This was due to the relevant BYOD policies and IT asset management (ITAM) strategies in place pre pandemic. Not to mention that organisations that previously moved a large part of their IT to the cloud felt that the transition was much easier and the effectiveness of remote support remained near normal.
How well a business weathers this storm is largely influenced by how well IT teams stood up to the challenge in terms of preparation and reaction, and we believe that the trend is only going to continue in the coming months. Companies with proactive IT leadership that invested in technology had a definite edge in ensuring business continuity than those that did not.
At the same time only 40% organisations feel that they are properly equipped to tackle the increasing security and privacy concerns arising due to remote work. This is something that companies need to be very cognizant of and take steps to mitigate security and privacy concerns.