3 Things Companies Need to Stop Doing Right Now

We’re in the midst of several shifting workplace trends – digital transformations, cloud adoption, increasingly remote workforces, evolving consumer expectations, dramatically increased cybersecurity risk and more. It can be a lot for organizations to keep up with.

As we work our way through these changes, there are a few major jumps that organizations need to stop dragging their feet on. These outdated practices are holding organizations back and could potentially cost millions.

Shipping Laptops to Remote Workers

Despite the move by a few large companies last year to end remote working programs, working away from the office continues to gain momentum. By 2020, about three quarters of the US workforce is expected to be mobile.

While allowing employees to work remote can have a positive impact on productivity, talent retention and ultimately spending per employee, those benefits are diminished by companies that are wasting time and money mailing laptops to remote workers.

On average, it costs a company $1,448 per employee to provide remote workers with company-issued laptops. Plus the added in-house requirements of managing and possibly storing those devices. For most companies, the task of managing, maintaining and shipping endpoint devices has zero positive impact on revenue and takes time away from employees that could otherwise be focused on business-driving tasks.

On top of it all, if an employee fails to return a laptop, it’s a total loss and must be replaced at the organization’s expense. All in all, this is an expensive approach to supporting remote workers that has little payoff of for the organization (especially when there are better options available).

The Solution: Provide more affordable thin client solutions or allow employees to use their own devices.

Postponing Patching

Patching desktops and software can be a tedious task, particularly if IT has to individually touch every endpoint or support remote workers. But not patching in a timely manner can have severe consequences. In today’s cybersecurity climate, organizations can no longer assume that vulnerabilities will not be taken advantage of.

This became incredibly evident during the 2017 WannaCry attack. The only reason the attack was so widespread is because individuals and organizations had been ignoring a recommended patch for months on a large scale.

A cyberattack can have ramifications ranging from taking a company offline (meaning lost productivity and revenue, or worse for healthcare organizations) to large compliance-violating data breaches that often lead to major fines. With the rate the data breaches and cyberattacks making business headlines these days, organizations need to start taking patching seriously.

The Solution: Create a formal process (with deadlines) for implementing critical patches. Employ a desktop solution that can make patching and updating fast and easy.

Playing “Wait & See” with Compliance

There any number of compliance regulations that organization have to follow based on their industry, where they do business and other factors. Meeting these requirements can be complicated for organizations that don’t have in-house compliance experts and expensive if changes need to be made to become compliant. For this reason, too many organizations make only vague attempts at compliance and hope that they don’t experience a data breach or failed audit.

This is the wrong approach. Data breaches by themselves cost an average of $3.62 million. If noncompliance is found in conjunction with a breach, organizations can expect additional fines. The average cost of noncompliance with PCI DSS requirements (for any organization that collects, handles or stores credit card information) is $5,000 to $100,000 per month of noncompliance based on the organization’s PCI DSS level. The largest HIPAA penalty to date cost an organization $5.5 million. Considering that data breaches can happen more than once, organizations need to stop crossing their fingers that nothing bad will happen and start seriously investing in security and compliance.

The Solution: Work with vendors that provide compliant solutions that cover some of the compliance responsibilities and can make audits easier.