The following article is associated with a JumpCloud webinar on IT’s changing hybrid landscape, featuring Idan Mashaal, Director of Cyber Security at Plus500 and Steven Hodges, Systems Administrator at Webspec, and hosted by David Worthington, Technical Blogger at JumpCloud. Watch the full webinar recording here.
Being an IT admin is a wildly different job than it was even a few years ago, with work from home and hybrid workplace models becoming increasingly popular and COVID-19 making these options a necessity.
WFA (work from anywhere) is the new normal. But while this model has many benefits, it can also spell frustration and burnout for the IT professionals tasked with supporting and protecting company assets in a distributed workforce.
Creating a plan to combat burnout while increasing security and offering all-hours support in this new environment is crucial for the success of your IT team, and your company. In a recent webinar, JumpCloud Technical Blogger David Worthington sat down with Plus500 Director of Cyber Security Idan Mashaal and Webspec Systems Administrator Steven Hodges to hear about their experiences and insights with WFA to get you started.
Focus on Optimizing Workflows for Improved Work-Life Balance
Work from anywhere means you may have employees in different parts of the country/world for the first time. This can overtax a traditional in-office IT team, who may feel pressured to be available 24/7 to support people in new time zones. Thankfully, Mashaal and Hodges have several suggestions for protecting your admins from burnout.
Tie Your Systems Together for Quicker Problem Solving
“IT folks have homes as well. They have lives. They have children. Burnout is something we need to manage,” says Mashaal. “At the same time, people working from home may be working outside traditional hours. The last thing we want to do is not be available when our workforce needs us.”
Mashaal offers two solutions to this problem. First, to hire more staff to cover those odd working hours. But, he prefers solution number two: working smarter. Cloud directories enable you to centrally manage identities and the means to access nearly every IT resource, making challenges like remotely patching a system, unlocking a user, or shutting down a lost phone take IT admins minutes to fix instead of hours.
“I took [Plus500’s] firewalls and other networks like VPN and captive portal and tied them to JumpCloud,” Mashaal said. “All these applications are accessed with the same credentials from the one universal directory. It allows you to manage and see everything in one place, since it’s all authenticated through the same platform. “If something happens, you [open JumpCloud], go in there, unlock it, done. Really simple.”
Hodges agrees that the time savings cloud-based directories offer is huge. “[Jumpcloud] saves my team so many hours,” he said. “When we hire a new employee or an employee leaves, it takes me an hour to provision everything instead of a half or full day to get everything set up.”
The time you save using a cloud-based directory is time you can give back to your IT admins–either for work-life balance, or for solving more complex problems that need the human touch.
Consider Setting Core Business Hours
Respecting employees’ time off and protecting IT teams from burnout was a huge priority for Hodges going into the pandemic, too. Distributed workforces present a unique challenge, because communication is important, but finding times to meet that don’t infringe on anyone’s off hours can be tricky.
“[We solved this problem by implementing] core hours when all our employees have to be available,” said Hodges. “It was set up when we were solely in the central time zone, so it’s 10:00am to 3:00pm central time. We have people on both coasts, so scheduling meetings between 10 and 3 CST is within traditional business hours everywhere in the US.”
Teams at JumpCloud have experimented with different methods to protect employee work time, too. “[On my team], we’ll block off hours that are work hours,” said Worthington. Those hours are “no meeting” hours, where employees have dedicated time to work on projects. This time blocking strategy ensures teams can meet deadlines without too many meetings getting in the way.
Get Buy-in from Staff and Leadership on Any Necessary IT Changes
Moving to hybrid or work from anywhere business models can mean needing new technologies to make IT’s job possible. The need for remote technology during the pandemic may give you the perfect opportunity to beef up security and IT systems you couldn’t justify investing in before.
“Prior to the pandemic, we had an open-source identity management tool that only did LDAP and SSH authentication.,” said Hodges. “I wanted something that would also do SAML and SCIM, but I didn’t have a good enough reason our stakeholders would approve of for such a big investment. Once the pandemic hit, moving to JumpCloud was a much easier sell.”
Securing staff compliance on new systems and models is every bit as important as getting the green light from leadership for finances.
“I have a small group of developers and engineers I work with to make sure that we have buy-in from everybody before we make a decision,” says Hodges. “We have to make sure [the new software or system] is not going to make their lives harder. Because ultimately, time is money, and we don’t want to add time to their workflow, which, in turn, reduces our intake.”
Keep an Eye on the Unique Security Challenges of a Remote Workforce
Remote workforces can pose unique security challenges, because IT has less control over the networks and applications employees are accessing.
Implement Zero Trust Methods for Remote Devices
“When employees are working from home, they’re using their personal WiFi networks that other users, like spouses and kids, are also using,” Mashaal said. “As an IT admin, you open up your Active Directory or whatever over VPN, and you’re assuming that connection is safe. But it isn’t [necessarily]. It’s in a different network that you don’t control, and you don’t know what other users are using that network for.”
This is where zero trust security comes in. The idea behind zero trust is that computers or other devices should never be trusted by the network by default, until they’ve been vetted.
“Our CEO actually came up to me about a week ago and started talking about zero trust, because we’ve seen so many impacts in the past couple of months where agencies get hacked with ransomware,” said Hodges. “Being able to lock that down in a way so we know who is accessing what resources and applying zero trust has been a huge thing for us.”
Balance Security with Employee Privacy
While many security hazards can be easily controlled and mitigated for company devices, things become a bit more complicated with “bring your own device” (BYOD) models.
“BYOD, from a security perspective, can be ‘bring your own disaster.’ It’s obviously an area of concern,” said Worthington. But for some employees, using their own device is a necessity for their work.
“Some employees, primarily developers and engineers, want to be able to use their own computers, because it’s what they’re comfortable with,” said Hodges. “But we don’t want to put JumpCloud’s agent, for example, on a non company-owned device, because it gives us a lot of control.”
Finding the right balance between security and privacy is something both Hodges and Mashaal are keeping a close eye on in the coming months.
“Ultimately, we can run essentially anything we run on employees’ computers [once we install JumpCloud’s agent],” said Hodges. While this is great for convenience and security, it can undermine employee trust. “[It’s very important to us that] we don’t take away employees’ privacy outside of the company.”
Use Technology to Smooth the Transition to WFA
As the world changes to support the need for remote work, your company needs to change, too. While there are many software solutions to ease the transition to work from anywhere, IT teams need cloud-based solutions that offer a streamlined approach, saving them time.
The JumpCloud Directory Platform is a one-stop-shop for IT admins. Your team will have control of all systems in your network with comprehensive views and powerful automations to free up admins for more complex problems.
To see for yourself how JumpCloud can optimize your remote IT teams’ workflows, sign up today. JumpCloud is free for your first 10 users and 10 devices. You’ll also receive 10 days of free, in-app support via chat should you need any help along the way.