modern workplace tip of the iceberg
TRANSCRIPT
Modern workplace tip of the iceberg blog.ahasayen.com /modern-workplace-tip-of-the-iceberg/
Ammar Hasayen
Modern Workplace tip of the iceberg shows how people think of modern workplace from their experience side, whilethey miss a lot of work done behind the scenes.
The modern workplace is about empowering employees by creating a secure productive workplace to embracediverse work-styles, and enable people to get things done anywhere and from any device.
While moving to the cloud sounds nice when you hear it for the first time, it is just the tip of the iceberg. Usually, yourbusiness might need external sharing, co-authoring, new collaboration tools, access to SaaS application and somesort of mobile management solution. People are working remotely more than before, so working from anywherebecomes a must.
For a big enterprise, the story is totally different. What seems to be the easily deployed cloud solutions, is nothingbut the tip of the iceberg. What is hidden here is the journey to the cloud, and how you are going to plan it right. 96%of the work that need to be done for the modern workplace, is totally invisible to end users and business people.
The modern workplace tip of the iceberg, is a way to picture what is going on here. Employees want mobility,collaboration, and access to SaaS applications. They only see what the experience will look like. For IT people, thestory is different, as they need to re-think each and every piece, that is involved in providing such experience.
1/3
As a start, you need to re-think of how you consume identities, and how to extend your corporate identities to thecloud, in a hybrid cloud model. You should also consider multi-factor authentication as a service , instead of securityboxes and on-premise solutions. Federated identity that can be consumed by many SaaS applications, is essentialin your journey.
For collaboration, you need to ask your self, how you will handle backup and compliance issues in the cloud, andhow DLP and mail flow will work between your on-premise mail infrastructure and your cloud email solution.
Furthermore, you should not focus on IT issues and forget about your end users. Things like user enrollment,adoption plans and user training are crucial. There is a big behavioral change that comes with moving to a cloudcollaboration solution, and you do not need to forget the human factor and their resistance to change.
As data is now hosted in the cloud, you need to re-think the way you are approaching security, as normal firewallswill not work for you anymore. The new trend is to approach security through identity. Identity driven security is anew security concept where authentication to SaaS application will not happen, until the authentication session isinspected using different factors, like risk levels, user location, and other factors.
Mobility and Bring Your Own Device [BYOD] is not new concept anymore, as people are using devices more thanever. Instead of preventing people from using their own devices, you can govern their access to corporate data, andmake it work to our advantage. This can be accomplished by introducing a cloud mobile management tools likeMicrosoft Intune.
Zero Day Attacks, data loss prevention, data labeling and classification, information right management and defining2/3
risk levels are not new concepts, but you need to re-think how you are going to address each one of these areas innew ways.
Internet Cloud Offices
Internet offices are a very interesting case study that everyone is looking for. Many big organizations are moving nowto internet connected offices, without VPN tunnels to head offices or data centers.
By using SaaS apps, cloud identity, cloud collaboration tools, and cloud management solutions, you may questionwhy do I need a VPN to corporate offices any more.
Microsoft has an interesting offering in term of internet connected offices. You can join your Windows 10 devices toAzure Active Directory, instead of joining them to your corporate AD domain. By doing so, the device will beregistered in Azure Active Directory, and enrolled in Intune. You then can use Intune services, to manage patching,and enroll apps from the cloud.
Finally, self-service is a game changer in any journey to the cloud. Employees should be able to reset theirpasswords, unlock their accounts, enroll new devices,and share files to anyone, without the need to call the ITservice desk.
How things can work differently in the modern workplaceLet us stretch our minds for a minute and consider this simple scenario. Suppose I am visiting Dubai without mylaptop. Once I am there, I am stepping into the Apple store, and I am purchasing the latest IPhone device. I caneasily download all Office 365 apps and just by typing my credentials inside the Office apps, everything is ready forme to use (my mail, my documents from OneDrive and my notes via OneNote).
I was planning to replace my traditional laptop with the new Microsoft surface book, so while shopping in Dubai, Ifound a Microsoft store, and I purchased the newest surface book. Now I am at the hotel, I opened my surface book,I joined it to Azure Active Directory using two factor authentication. In seconds, I have all my profile customizationthat I used to have on my laptop, and an immediate SSO experience to all my SaaS apps like Office 365 and otherapps. I can even reach my voice mail, thanks to hosted voice mail in Office 365.
Sadly, my account is locked out. Because I have a self-password reset and unlock service from Azure services, Icould easily unlock my account in one minute. Now, I can access all my documents, join conferences, follow up withmy teams, and access my PowerBI dashboards. NO VPN, NO IT HELP, IT JUST WORKS !
3/3