How hybrid work patterns change end user computing

Hybrid work security

While there is a new focus on collaboration tools, IT teams still need to provide users with access to the enterprise software they require to do their work. Remote and hybrid working means there is a need to ensure teams can communicate easily and connect to corporate IT systems no matter where individual team members are located.

All of these things need to be achieved while IT security chiefs tackle enterprise data leakage and ensuring employees do not import corporate data into unvetted applications or connect to the corporate network in an unsecure manner.

User education and security awareness programmes have an important role to play, as Olivia Rofe, cyber security expert at PA Consulting, explains: “We must ensure all employees are provided with relevant cyber security training on how to work securely from home or alternative out-of-office locations.”

In Rofe’s experience, regular training should be used in a way that allows continuous development of cyber security skills and should include phishing simulations. “The days of leaving security to the IT or cyber team are gone. It is important that individuals understand the role they play in an organisation’s wider security, both in their behaviour and how they do their job,” she says.

Such training needs to work alongside security policies and a strategy architected in a way that reduces the risk of user error leading to a security breach.

Lionel Garacotche, technical office leader for IT cyber security architecture at Airbus Protect, describes three main security scenarios IT teams need to manage. The first is “no trust”, whereby IT assets can be only used with a virtual private network (VPN) and no side communication is allowed. This, he says, needs to be controlled and hardened appropriately.

Second is “partial trust”, which offers a way to provide the user with side activity controlled by a cloud access security broker or endpoint detection and response (EDR).

The third scenario is what Garacotche describes as “whatever”, which provides for bring your own device (BYOD) or uncontrolled IT assets. Here, access is only available to “public” apps or through virtual desktop infrastructure (VDI) to provide access to internal applications.

The challenge for IT security leaders is that hybrid work does not operate in the same way as office-based work. Rowland Johnson, president of Crest, the international not-for-profit membership body representing the global cyber security industry, warns that IT leaders cannot rely on a security operations centre (SOC) to detect anomalies and threats that come from remote workers. SOCs, he says, work on datasets of what normal traffic and behaviour looks like. Any deviation from this can be quickly identified.

“With work patterns so different and flexible now, there is no clear ‘new normal’, making it increasingly challenging for SOCs to identify normal/abnormal behaviour,” he says.

PC modernisation

Looking beyond the security implications of hybrid working, IT leaders also need to consider the IT equipment in the physical workspace required to support users and the hardware and software needed by employees who may spend only some of their working hours in an office environment.

Many businesses upgraded PCs during the pandemic and have yet to replace them, or are upgrading at a far slower rate. This has led to a decline in the purchasing of new desktop and mobile computing hardware. But remote and hybrid work patterns have resulted in manufacturers tweaking and tailoring products to cater for the greater use of online conferencing and collaboration tools that have quickly become key to employee productivity.

Upgrading older PC hardware is also being helped along by the need for more powerful processors to run artificial intelligence (AI)-powered business applications.

Supporting hybrid work

Global telecoms equipment provider Ericsson is one of HP’s major customers. The PC maker supports a hybrid workforce through a global arrangement covering over 90% of Ericsson’s devices, spanning some 130,000 users in 140 countries. Employees can choose from various laptop models tailored to their roles. Once selected, devices are prepared and shipped to their home or office. The user provides their email, completes multifactor authentication, and, according to Lee Elliot, HP’s Northwest Europe head of offer execution for workforce solutions, the device is ready in 10 minutes.

HP EliteBook models are equipped with 5G capabilities and military-grade encryption to support staff needing to work in any location. Applications are accessed via the cloud and an HP break/fix agreement is in place, so staff uptime is protected with devices simply exchanged for new replacements if required.

Kieren Jessop, research analyst at Canalys, believes artificial intelligence (AI) will drive up demand for more powerful PC hardware: “Roadmaps for integration of on-device AI capabilities have already been outlined, with several products showcased at the HP Imagine event [in October] and other suppliers set to follow suit. Canalys forecasts that adoption of AI-capable PCs will accelerate from 2025, with such devices accounting for around 60% of all PCs shipped in 2027.”

For instance, new Chromebook Plus devices are equipped with more powerful hardware that support features like AI-assisted background noise cancellation and video-enhancing technology for video and audio conferencing. Premium PC manufacturers have also been ramping up the AI capabilities of their devices to support hybrid working.

Printers in a hybrid world

The latest research from analyst Quocirca shows that the changing purpose of the office will continue to focus on collaboration and connection. Quocirca’s Future of work study found that 37% of participants view in-person collaboration as the most important benefit of the office. An obvious conclusion is that IT buyers will need fewer office-based printers.

Quocirca analyst Louella Fernandes believes one of the challenges of creating a hybrid work environment is setting up printers so that anyone who comes into the office can use them with ease. Cloud printing offers a way to simplify printer setup.

In the past, office space would have been organised around large, multifunction devices, which provided central access to print, scan and copier functionality. While these still exist, some office spaces are now making greater use of workgroup or A4 printers that better suit hybrid work patterns.

While printers may be visible on the corporate network, it can often be difficult for users to figure out the location of their nearest printer. Fernandes says 60% of corporate data loss occurs because paper is left in printer output trays. In one instance, she says, someone took confidential printouts to a school as scrap paper for the children to scribble on.

While Quocirca found that only 11% of organisations currently operate a paperless environment, 75% are accelerating paper digitisation initiatives. Although return-to-office policies will help print volumes recover in some sectors, Quocirca believes there is an opportunity for print suppliers to develop products and services around delivering workplace technology that supports hybrid workers.

Evolving challenges in the hybrid workplace

The pace of innovation means new products and services are constantly being developed. Some of these will inevitably gain traction among hybrid workers, especially if the new product provides superior functionality over corporate IT-approved software. AI targeting employee productivity is one such category of software.

The Quocirca research shows that 56% of organisations plan to make use of AI and machine learning. Whether they work in an office full-time or are hybrid workers, AI is likely to lead to the risk that data could be leaked from the organisation or employees may use data in a way that breaches data protection laws.

“It’s always hard to determine what the future will look like, but we know for a fact that remote working will remain. We have to focus on being sure that employees are aware and understand the increased threat level we’re facing,” says Garacotche.