In 2020, companies of all sizes pivoted quickly to a work-from-home (WFH) model for employees. Some companies pivoted so quickly that security teams found themselves scrambling to catch up, rapidly researching, selecting, and deploying security solutions for the endpoints of employees working outside a trusted network perimeter.
Today, some companies are still working on securing the endpoints of remote employees. Other companies may feel that they now have sufficient endpoint security measures in place.
But Ralph Loura, chief information officer (CIO) of Lumentum, a manufacturer of advanced photonics products, has advice for all these companies: Think Big.
Seize the opportunity of this rush to WFH not only to address the short-term needs of your remote workforce but to move on opportunities for bold digital transformations that will pay off over the long term.
In an earlier blog post, we discussed Loura’s strategic plan for pivoting to a WFH environment. In this post, we’ll look at his concerns about security once Lumentum’s remote workforce begins returning to the company’s offices, as well as his vision for digital transformation beyond the pandemic.
Deploying the future today
“One of my favorite quotes is: ‘The future is already here; it’s just not evenly distributed,’” Loura says. “We have the digital tools; we have the strategic thinking; we have the way of working that will allow us to not only survive — but thrive — in the new fully digital, reimagined world. We just need to deploy that evenly across the entire company.”
For Loura, the pandemic has provided an opportunity for many organizations to catch up to the digital possibilities available to them.
“A lot of things we would have done in the past more slowly — that were in pilot phase or in a lab somewhere. Those projects all of a sudden have moved to the forefront. They have become very critical to our ability to continue to operate,” Loura says.
Yet Loura worries that some organizations have embraced this moment only partially. He worries they have not committed to the opportunity to deeply rethink how they operate.
“Many companies have put digital dressing on an analog salad,” Loura says. “One of the risks here is to take the processes you used to use, or the way you used to work, and you just moved them online. I think that falls short of the opportunity.”
Loura thinks this reluctance to embrace the full digital possibilities may stem from a reluctance to accept the realities of this ongoing crisis.
“There are too many people who are too comfortable with the pillow and the snooze alarm and are just waiting for this to be over so they can go back to the way it used to be,” he says. “I think those people will have a lot of challenges coming up. I don’t think the world as we used to know it is coming back anytime soon.”
Loura does not see this as necessarily a bad thing but rather as an opportunity to let go of what was done before and rethink how to do things better moving forward.
“People talk a lot about ‘The New Normal.’ I don’t like that term because it sounds a lot like a minor inconvenience or a slight evolution from the old normal,” he says. “I don’t think the old normal was all that it should be or could be. I like this idea of being much more dynamic, much more innovative, by not just deploying digital tools but by thinking digitally and acting that way.”
Finally, Loura believes any leader can seize this moment of opportunity to truly transform to a more complete and mature digital state — as long as they are willing to step up: “If you’re open to change, if you’re driving change, and you’re trying to anticipate what’s happening next — and staying flexible in this time of great uncertainty — then I think all the tools are there for forward-leaning, smart leaders that are willing to put themselves out there and create the future they want to see happen.”
Assessing security risks at home and in the office
Of course, strategic digital initiatives need to take security and security risks into account.
During the first days of lockdown, Loura focused first on maintaining business continuity by transitioning Lumentum’s operations to a new remote operational environment.
But despite this operational focus, security was never far from his mind.
“One of the first things that you do through this pivot to remote work is a scramble to make things function — keep things connected, keep them productive, and make sure they can do their job,” Loura says. “But almost the next second, you’re thinking, ‘Well, wait a minute… did I just incur a new risk?’ How do I not only keep them productive but keep the company safe and protected?”
From day one, Loura and his executive colleagues maintained ongoing discussions about what risks they were opening up, how they could mitigate those risks, and how to get ahead of new risks that could be right around the corner.
Those talks have continued, and those risks have evolved as the situation has progressed.
Today, Loura is most concerned about what happens when the pandemic ends and employees begin to return to company offices.
Loura knows that employees have been operating in a less-secure environment than normal and that bad actors have been exploiting the opportunity to install malicious code onto their devices.
“When those devices come back to the corporate network and plug in, all of the little code snippets that were installed covertly over time will activate in the enterprise environment,” he says. “You’re going to start seeing a new wave of enterprise risk and incidents when all those little Trojan horses return to the corporate castle.”
For Loura, the solution to this security challenge is the same strategy he leveraged to keep Lumentum secure throughout the pandemic — maintaining visibility and control over the endpoint environment through the right instrumentation.
Moving ahead with improved security and bolder digital transformation
As for the bigger picture? Strategic IT thinking after the disruptions of 2020 should advance along two tracks, according to Loura.
First, IT and security leaders should extend the security protections put into place for today’s WFH requirements indefinitely to mitigate risks for employees and endpoints, whether on-premises or remote, he says.
Second, technology and business executives should make the most of this year’s pivot to remote work to achieve bold digital transformations that otherwise might have remained on the drawing board.
Does supporting remote work provide the justification for migrating more applications to the cloud? For creating better self-service customer and employee portals? For deploying more mobile-first solutions and automating workflows that previously depended on paper forms and email?
Every company will have its own priorities for transformations like these — transformation, of course, that depends on endpoint management and security.
The future might really be unevenly distributed, as the saying goes, but now’s a great time for businesses to distribute the future a little more broadly in the areas of endpoint management and digital transformation.
With its cloud-native platform, Tanium customers like Lumentum can perform all kinds of device management tasks, risk assessments and security practices with zero infrastructure at enterprise endpoint and data scale in a geographically distributed environment. Try Tanium as a Service today.