Modern technology is crucial to organisations, but at the same time, it also brings with it security concerns. To add to this, the concept of a ‘workplace’ is no longer restricted to a cubicle, with employees working remotely occupying a significant part of the workforce!
On the one hand, these factors are boosting productivity, but on the other, the question is how to ensure data security. Thus, the battle between productivity and security is turning to be a concern for CISOs or Chief Information Security Officers across the globe.
Productivity Vs. Security — Which Is More Important?
Employees would believe that productivity is more important than anything else. But, what would happen if some security measures were breached, and important data was compromised? The amount of rework needed would not only consume resources but also put a dent on your productivity! as well as an obstruction on productivity. Therefore, CISOs always push for security over productivity. However, not all are happy about it.
A survey from IS Decisions, a security firm, studied over 500 organisations from the US and UK. It found that large US companies lose around 182 days of work annually as a result of complex security procedures.
It is not that employees resist security measures, but it is just that they want to complete their work without hassles. Many a time, stringent security protocols could be an obstacle.
A Dell-sponsored survey of 460 IT professionals and 301 businesses found it to be a fact. As many as 92% of users opined that extra security measures negatively affected their work.
At the same time, efficient security systems are the need of the day because worldwide, there is an increase in cyber crimes. The 2019 Official Annual Cybercrime Report prepared by Cybersecurity Ventures, a New York-based firm states that cyber crimes will be one of the biggest challenges in the next two decades.
It also predicts a huge expense the world will have bear due to cybercrime. By 2021, the cost will reach $6 trillion, double the figures for 2015.
What then is the solution to this dilemma? The key lies in striking a balance!
How To Strike A Balance Between Productivity And Security!
To keep the two factors at their optimum best, both employees and security officers have to work in tandem. Following the below-mentioned steps can contribute to ensuring a healthy balance!
1. Identifying reasons for resistance
Listening to employees and understanding their concerns can help both sides. Security is essential and is the key to innovation, thereby increasing productivity. Therefore, it becomes necessary to chalk out a system that takes care of security without getting in the way of work.
It is essential to create a system which does not take too much of the employees’ time and serves its purpose as well. It may not happen overnight, but with trial and experiments, the balance would not be impossible.
2. Create awareness
Getting employees on board in favour of adequate security measures can only happen if there is enough awareness. The reasons and their importance need to be instilled in the users.
Security is beneficial for business and in fact, it can boost productivity. The broad understanding helps employees engage with the security procedures and make them active stakeholders in the process. In the meantime, IT officers need to work on a practical, user-friendly and easy-to-use system.
3. Keep it simple
Employees may easily bypass complex security systems. As a result, it could be more prone to threats. However, simple measures are easy to follow and implement which employees are more likely to adhere to. They won’t take much time and efforts of employees and thus, would also not hinder productivity.
Cybercrime is on the rise, and it could be prevented only when the end users take security seriously. After all, they are the ones who are working with the system closely and could be the first to detect concerns.
4. A shared network can help as well
Companies could also look for safer measures that do not need additional procedures, yet contributing to increased productivity. For example, using a shared network to send and receive files instead of email can be a good idea.
Emails are a potential risk. Instead of investing in a new security system to safeguard emails, why not utilise a more efficient alternative? Such measures could ensure both, enhanced productivity and ensuring security.
5. Reevaluate the BYOD security policy
‘Bring Your Own Device’ or BYOD is a user-friendly initiative helping employees with flexibility, accessibility, as well as the use of convenient software and tools. There is hardly any gap between personal and business use now. But it also ensures collaboration and efficiency which mostly works in the best interest of the organisation.
The BYOD culture can lead to increased productivity, but the security risk associated with it cannot be ignored. While employees get easy access to company data and information, there is also the risk of someone else also able to access sensitive data.
A relook at the security policy along with certain key decisions as to what data can and cannot be accessed will help mitigate the risk.
6. Automation to strike the balance
Use of automation can be an effective strategy to reduce conflicts between productivity and security. Such tools can be created to find what works for your business or you can use such tools already in existence. For example, the use of a password manager can reduce the burden on the users and help IT officers maintain security.
As per the Dell-sponsored survey, ’85 percent of business users have multiple login and passwords.’
Remembering hundreds of passwords isn’t an efficient way of ensuring security. In such an instance, a password manager can create powerful passwords for various accounts and the employees needn’t even remember many passwords.
Similarly, project management tools can help in streamlining projects while maintaining security. Such tools prove to be a great help to strike a balance between productivity and security.
The tug of war can stop only when every stakeholder’s concerns and doubts are taking into account. CISOs have to tread carefully to be able to put forth a system that promotes compliant behaviour. Workers also need to understand the massive cost they would have to pay in case of a breach.
The bottom-line is to realize the importance of security measures and implementing integrated procedures. A healthy balance between productivity and security is helpful in productivity as well.