In the Technology Triumphs series of Trace3’s blog, we share about the accomplishments of our clients and those who are the forces driving value to their businesses through technology – Because at Trace3, all possibilities live in technology.
The world of work changed drastically a year ago. The pandemic shoved businesses into a situation that required juggling priorities and capabilities, forcing chunks of the workforce into working remotely.
That shift created a workplace hybrid, and exposed a number of new security concerns along the way. At Farm Credit Mid-America, Vice President and Chief Security Officer Mike Everett was ready to tackle the new challenges staying secure of the hybrid workplace.
“When everybody is on-premises, you know the controls are in place. When in hybrid, you have to be flexible and understand the whole purpose of security is to help the customer,” Everett said. “One of the big challenges is that you have to adapt controls to put them in place without a negative consequence. When you have different roles with different levels of access, you have to accommodate.”
Everybody was scrambling to create an optimal work environment, but the hybrid workplace isn’t as simple as rolling everybody out with a login and a laptop. Everybody has different levels of access, which means different levels of security.
Only a few Farm Credit Mid-America employees were working remotely before the pandemic hit, but that quickly changed. The workers are the most vital asset to the company, but they also made up the biggest threat.
“To be candid, it’s people that are your weakest link,” Everett said. “When you have different roles and different levels of access, you have to accommodate all of those levels. You just need a single person with a set amount of permissions to click on a bad email, and you’re having a bad day. Technology is good, but it’s only as good as the person that’s clicking the button.”
The workplace shift changed the way bad actors have tried to break into systems. The dynamics of the remote environment are cause for more cracks, but Farm Credit Mid-America was a bit ahead of the game.
Set up in multiple offices across a wide geographic area, Farm Credit Mid-America already made moving toward a more secure hybrid model a priority. The pandemic accelerated things, but they were prepared to move forward with their eyes on what the dangers might be.
“Bad actors are going to take advantage because they know it’s a hybrid model and they leverage that flexibility,” Everett said. “Today’s bad actor leverages social media. When working remotely, people can come in through something like LinkedIn.
“But we have to communicate. We alert people about phishing campaigns and do security awareness training. We use intranet when we know that something is happening, and to communicate when something is happening.
“Getting security-minded engineers to understand, and be more free and open around adaptation,” Everett added. “Everybody has to have the understanding that we are in a hybrid.”
The remote worker likely isn’t going anywhere, and companies like Farm Credit Mid-America will continue to maintain some of these best practices going forward. However, they’d like to get back to some semblance of the way things were before 2020’s pandemic.
As things open back up, the focus is shifting to how people work. While the remote worker might become more of the norm, Farm Credit Mid-America and Everett are focused on getting as many people back into the office as possible. The goal being to make the office feel like normal again.
“Our stand is that we’re better together,” said Everett, the company’s Vice President and Chief Security Officer. “Our association’s compass is that ‘We’ is greater than ‘Me’ and we support it because we know we can be successful. Every teammate has a value and a purpose, and we want people back together in person, and having hallway conversations.”
“At the heart of that is our customers. We want to be there to support rural America, because that’s really where the ‘We’ is greater than ‘Me.’”