Sign up for our newsletter!
Stay informed on the latest DevOps news

DevOps.com

A Distributed Workforce is the New Normal

By: on

The pandemic emphasized and improved what we have known for decades: A team does not need to be centrally located to be productive. This varies based on the people involved and roles being fulfilled, but honestly, lots of people can work just fine from home, a coffee shop, the pool …

And while we could debate the wisdom and usefulness of lockdowns forever, they did drive organizations that had never considered distributed work to actually take the plunge. Many are returning to centralized organizations, but a significant number of employees have moved to where they would like to live to work from home, and some of those employees will not be back.

I normally avoid reference to any contentious societal discussion, but the lockdowns and pushback directly impact us in IT. The circle that was our network had already expanded to include public cloud, hosting providers and SaaS providers. Now it includes all of those plus some–perhaps only one or two, perhaps many–home offices. And that is unlikely to change, no matter how hard an organization tries. If nothing else, motivated individuals will want to work from home after hours, and if they are salaried, the organization will support that approach—meaning we in IT will have to support that approach.

A deep look at what that implies is necessary. One of the things that having a sudden “work from home or shut down” mandate imposed upon companies did was make security an afterthought. For the first couple of months of 100%-remote work, we saw crazy numbers of access misconfigurations that caused breaches. That’s just the easy one. Your source is in a publicly accessible repository. Are the tools to access that source secure? Are you sure? What about SaaS? Is there a method other than user-generated passwords required to access each SaaS? Do you even know what SaaS systems business users have adopted? Does the organization use password management? It is necessary since SSO isn’t covering everything, and really can’t.

The same is true for accessibility. Management teams started with, “Let’s get people working,” because the alternative to people working was layoffs or even corporate bankruptcy. If you paid any attention at all in that timeframe, you heard the horror stories of IT going to employees’ houses and setting up or troubleshooting corporate desktops that went home. It was an ugly time, and only afterward did organizations start to consider options for handling communications. Is it policy to have someone go to a nearby coffee shop when their connection is down, or is that a day off? Can they work without connectivity and then upload afterward? Most organizations still don’t have coherent policies in this regard, allowing teams to decide. In fairness, not every employee is great at working from home, so it is possibly the best option to have team leads deal with failed communications issues … But a corporate policy or guidelines should still be developed, and technical solutions like satellite backup should also be considered.

Organizations rushed to WFH and then rushed to return-to-office (RTO). Your job is to make sure that, with all of the rushing, things are stable and secure. You’ve been rocking it all along—don’t let shifting corporate priorities drag you down now.