Spacent
All news
Spacent

Spacent team · Apr 1st 2021

4 Themes to Consider on Information Security in the Hybrid Office Model

A growing number of enterprises are publicly announcing future work arrangements for their employees. Big tech companies, including Salesforce, Facebook, Google, Amazon, and Microsoft have declared to use the hybrid” model, a combination of working from their own office and home – and also from third places. The use of the hybrid model hasn’t only been limited to tech giants, and other more traditional industries are moving into the same hybrid model space use. The finance and banking sector examples of Citigroup, Standard Chartered, and HSBC will define the new normal of information security policies for many other traditional industries.

Spacent has been on a long roadshow with our clients and partners discussing what the hybrid model actually means for them. We have since identified two main concerns that seem to recur in most of the discussions. The first one is related to community building when people are working apart, and the second one is the information security risks. In this blog, we want to focus on information security.

Information security is a broad theme altogether when it comes to the working environment. The aim here is not to tackle them all but to focus mainly on information security when using locations outside of one’s own office. There is an increasing need for sub-leasing the surplus spaces and sharing them with corporate partners and clients, which comes with an information security issue as well. We are not saying that all work could be done in a third location, but a big proportion can be done, especially when the following aspects are considered by organizations and most of all, people.

Human with a laptop

1. Physical information security

Human behaviour is one of the main causes for information security failures, but these can largely be offset by the right kind of working environment. This is an area where Spacent is building extensive standards with our space providers. Visibility blocking to screens (both in layout design and furnishing), phone booths for phone calls, private offices, lockers, and soundproof meeting rooms are already typical amenities that improve the physical part of information security. Also, processes of the hosts are crucial, like lobby services that are keeping control of who is accessing the location, knowing the people that are visiting, and ensuring safe lost-property practices.

2. Connections

Data security has been tricky in shared offices and public places. Unprotected wifi and criminal phishing activities have, for a good reason, made working with unknown wifi connections banned in many organizations. Even when working from home, the connection security has been problematic. But even the organizations with the highest security standards have made great efforts to enable working from home possible during the pandemic, thus enabling secure working (VPN, etc.) from even unknown networks. Also, constantly growing connection speeds (e.g. 5G) will ease using your phone as the connection hotspot which enables better predictability for corporate security.

3. Corporate policies

While using third locations as part of the workplace strategy brings clear benefits for many individuals and organizations as a whole, the policies of companies need to be clarified to support hybrid working. What kind of tasks employees have to avoid using third locations? What tasks are possibly even prohibited? What equipment is needed and what kind of cybersecurity protocols to use? Most of these are at the same time relevant for working from home.

4. Sharing space with partners and clients

Lots of companies are considering ways to decrease space costs by sharing their own corporate offices with partners and clients. This will come with a reward of engaging partners better but also with an emphasis on information security. With layout and access control, security zones (e.g. public, semi-public, enclosed) are a basic way of improving security. Controlling availability to different user groups is also crucial for efficient space sharing. All previous themes (physical information security, connections, corporate policies) apply here as well.

For users and space providers

Basic reminders for users and space providers

How Spacent can help?
    • Guidelines for the physical working environment and connection security with our space providers
    • Filters for users/organizations to search amenities that support good information security
    • Internal security reminders for organizations when using third locations
    • Tools for controlling the availability of spaces to partners
    • Upcoming: Dedicated project spaces for teams

 

 

For more information, you can be in touch with