The challenge of optimising productivity and security for a distributed workforce was debated by a virtual roundtable
The new normal sees businesses adapting to new information management processes, with many more staff working remotely. However, as attendees at a recent Teiss events roundtable heard, many solutions don’t get to the root of the problem.
Using metadata to drive permissions and workflow around files is far more efficient and effective than relying on other storage methods, Jonathan Darlow of M-Files told the senior executives at the briefing.
Sign your name
As the pandemic forced businesses everywhere to shift to remote working, the challenge was how to remain productive while also staying secure. Some of the problems attendees at the briefing experienced were as simple as how to sign documents. ‘We were surprised how many people still insisted on sending faxes and having wet signatures on paper,’ said an attendee from an international bank. ‘About half of them haven’t wanted to change.’
The problems could be solved by tools such as electronic document signing services. But one attendee said she had seen plenty of examples of individual staff members signing up using their company email address, thinking this would count as a corporate sign-up. Of course, that isn’t the case and the company then has to deal with the issue of signed documents stored in accounts they cannot access.
Worse, several delegates warned about the use of collaboration tools, with many organisations turning to them during lockdown. Microsoft Teams, for example, makes it easy to see which files people in your team have been sharing. That can be beneficial in some circumstances, but in others, it can be a security risk and costly to implement and maintain.
Some attendees at the briefing said they had dealt with these challenges simply by issuing computers and smartphones that were, like their users, locked down. Everything from the accounts they could sign up for to their ability to save files to external devices was preconfigured to avoid many of these issues at the outset.
Whose file is it anyway?
‘You can nail security at application level, but it’s harder at data level,’ said one attendee. There is a constant need to identify where the data is, how it is being used and who has access to it.
These problems can become even more complex with large collections of documents that have changing permissions. For example, claims information processed by an insurance company might need to be accessible to certain people or teams as it makes its way through the system. Keeping the right access controls in place in these circumstances is ‘almost an intractable problem’, said one attendee.
Things get more complicated still for retention policies, especially for legacy documents or documents held in legacy systems. The constant need to understand and deploy security controls for various tools and applications is frustrating and exhausting, attendees agreed. One attendee said: ‘I’d like applications to have a big lever with settings from one to five so I can just set the general security posture and tweak the details from there.’
Automation can go some way to solving the problem. One attendee said his organisation saved thousands of hours every year by automating certain security tasks. Mr Darlow said that automation is also key to solving security and productivity problems at file level. For example, systems such as those from M-Files can set rules for electronically signed documents to ensure they are automatically stored in the correct place and their presence is logged, removing the risk of a staff member misplacing a document.
While the increase in remote working has emphasised some of these problems, most of them existed before and will continue well into the new normal. IT experts will continue to search for the best solutions to an evolving set of challenges.