sb-nz logo
Story image

Security risks of neglecting the workforce experience – Avaya

28 Jun 2019

Article by Avaya solutions specialist Doug Richards

Government departments and enterprises are wasting millions of dollars every year on cybersecurity because they fail to also invest in the user experience.

Australian organisations are aspiring technology leaders that understand the importance of cybersecurity, and for government agencies, this is a matter of national security.

But all this protection can still be completely undermined by a single indiscreet act of exposure. What good is cybersecurity if a user views encrypted messages amid prying eyes on public transport or has a classified phone discussion in an airport lounge?

In the modern, digital workplace, people expect to be able to engage and collaborate in real-time regardless of location, network or device.

However, the downside of this trend is that users of technology often become the weakest link in the security chain.

With the mobile digital workforce expected to increase to 1.87 billion people by 2022, or 42.5% of the entire global workforce, the management of this technology-savvy demographic must be a top priority for governments and enterprises striving to achieve their business and operational objectives.

Don’t be blind to the bigger picture

Security discussions are focusing on technology factors: systems, networks, devices, and encryption.

These factors are mandatory but do not address people and context, and how we collaborate. They neglect the user experience and context, which leads to shadow IT and unauthorised cloud apps, which leads to poor situational awareness.

Improving security in the mobile digital workplace is as much about people and context as it is about technology.

Without the bigger picture – a great user experience with situational awareness – people can’t make effective decisions aligned with an organisation’s security parameters.

Context is so critical because it can moderate the tone and content of conversations.

Consider colleagues having a face-to-face conversation as they walk through the open plan office and into a meeting room.

They will moderate the tone and content of their conversation as they walk through the office, and once they are in the meeting room and have closed the door and the conversation is private.

If a guest enters the room the context has changed yet again, and the conversation adjusted.

In the mobile digital workplace, the context is less obvious.

The interactions are virtual and on our devices; we are not aware of the context in the same way as we are in person.

For example, who else is on the call and have we verified their identity? Where is everyone located? What devices and apps are being used? Over which networks are we connecting, and are the connections encrypted?

All this rich contextual data is relevant and accessible.

Technology can capture, analyse and present this context to the user in real-time.

This context can empower the user to moderate their conversations and the content they share.

Protecting all parameters

The significance of context is further exemplified in the Australian government’s security classifications model which very directly informs the user experience and impacts security.

Specifically, email is the only digital communication medium in government today that provides a visible security context to the user.

For example, [SEC=<CLASSIFICATION>] in the subject and body of the message.

Now envision automating the application of security classifications in the mobile digital workplace.

Real-time security classifications for voice calls, video conferences, and messaging.

This will transform security and the user experience in the digital workplace by clearly headlining to the user when they can and can’t have a classified conversation.

Story image
OT networks warned of vulnerabilities in CodeMeter software
Manufacturers using the Wibu-Systems CodeMeter third-party licence management solution are being urged to remain vigilant and to urgently update the solution to CodeMeter version 7.10.More
Story image
Plugging the gaps: Australian organisations are leaving their defence barriers wide open
Cybercriminals are are walking through the gaping holes in Australia’s organisational defences – gaps that leadership teams don’t even realise are there.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Download image
74% of APAC IT leaders say security culture is essential to business success
You can join these leaders in designing security awareness and training with your employees in mind.More
Story image
Spending on managed security services in A/NZ to grow despite COVID headwinds
COVID-19 has changed security priorities significantly, and managed security services in A/NZ are set to benefit. More