Pandemic Puts the CIO Upfront
As the COVID-19 pandemic continues, evolves and eventually eases, businesses will increasingly rely on telecommunications to remain operational, and it falls to the chief information officers to make sure the company has adequate controls in place to protect key functions.
Understanding which systems and applications are most critical to the business's operations is key to ensuring that its operations run smoothly. This includes reviewing diverse areas such as software licensing, making sure there is enough network capacity, ensuring that equipment can get to the employees who need it, and monitoring companywide systems to ensure the company is running at maximum efficiency. These responsibilities are the crux of the CIO's increasingly important role, which falls into the following areas:
Cybersecurity. Now that many companies are operating almost exclusively in a virtual environment, making sure the company's systems are protected is more important than ever. Among other things, this means making sure cyberthreats are quickly identified and thwarted. To do that, CIOs are responsible for making sure everyone at the company is aware of their roles and educated in how to identify potential threats.
Internal controls. Employees working remotely need to have access to the same applications and systems they had while working on-site. Another set of issues arises if the employee is sharing a device at home. Ensuring that the employee is the only person accessing the company's systems and applications requires controls such as dual factor authentication, privileged access management and automatic signoffs. These security measures should be tested on all devices the employee uses. Internal controls are always important, but they take on added significance in a virtual environment.
IT support. Other considerations include personnel bandwidth for IT support. This issue can be especially problematic if the company needs to install a software update or patch. Employees can learn to troubleshoot some issues on their own, which takes some immediate pressure off, but the underlying security issues need to be addressed. Keeping the CIO in the loop about fixes should be a company policy. That way, it is easier to identify the source if there is a problem.
Social media compliance. Social media and video platforms have become lifelines for people isolated and seeking to keep in touch with friends and family. CIOs need to make sure employees keep their social activities separate from their work activities. They also need to secure the company's social media accounts.
Going Forward. The CIO's role is likely to continue expanding after the COVID-19 pandemic eases and restrictions are lifted. It is likely that many companies will find at least some of their operations will remain virtual. Consequently, the CIO's role will shift again. No one can say exactly how business will change as a result of the pandemic, only that it will.
"For security, the increased need to authenticate and verify employees working from home, to ensure they have access to the applications and systems they need to keep the business operating, has seen the urgent need for Identity and Access Management (IAM), Multiple Factor Authentication (MFA) and Privileged Access Security become even more essential," says Steve Durbin, managing director at the Information Security Forum.
From employee safety to work-at-home data security, business continuity and financial resilience, companies need to follow a clear plan for working collaboratively with their outsourcing providers.