Friday, April 16, 2021

Disaster Recovery to Cyber Recovery--What is the New Best Future State?

A transcript of a discussion on new ways of protecting data backups first and foremost so that safe cyber recovery becomes an indispensable tool in any IT and business security arsenal.

Sponsor: Unisys and Dell Technologies.

Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions and you’re listening to BriefingsDirect.

The clear and present danger facing businesses and governments from cybersecurity threats has only grown more clear and ever-present as we enter 2021.

As the threats from runaway ransomware attacks and state-sponsored backdoor access to networks deepen, too many businesses have a false sense of quick recovery using traditional business continuity and backup measures.

That’s because the criminals are increasingly compromising vulnerable backup systems and data first -- before they attack. As a result, visions of flipping a switch to get back to a ready state may be a dangerous illusion that keeps leaders under a false sense of business as usual.

Stay with us now as we explore new ways of protecting the backups first and foremost so that cyber recovery becomes an indispensable tool in any IT and business security arsenal. We will now learn how Unisys and Dell Technologies are elevating what was data redundancy to protect against natural disasters into something much more resilient and powerful.

To learn more about the latest in rapid cyber recovery strategies and technologies, please join me in welcoming our guests, Andrew Peters, Director of Global Business Development for Security at Unisys. Welcome, Andrew.

Andrew Peters: Hi. Thank you, Dana.

Gardner: We are also here with David Finley, Director of Information Assurance and Security in the Data Protection Division at Dell Technologies. Welcome, David.

David Finley: Thank you, Dana. I’m glad to be here.

Gardner: David, what’s happened during the last few years -- and now especially with the FireEye and SolarWinds attacks -- that makes cyber recovery as opposed to disaster recovery (DR) so critical?

Best defense is good offense

Finley: I have been asked that question a few times just in the last few weeks, as you might imagine. And there are a couple of things to note with these attacks, SolarWinds and FireEye.

One, especially with FireEye, it was demonstrated to the entire world something that we didn’t really have our eyes on, so to speak, and that is the fact that folks that have really good security -- where they sit back and the chief information security officer (CISO) and the security team say, “We have really good security, we spent a lot of money, we have done a lot of things, we feel pretty good about what we have done.” That’s all great, but what was demonstrated with FireEye is that even the best can be compromised.

If you have a nation state-led attack or you are targeted by a cybercrime family, then all bets could be off. They can get in and they have demonstrated that with these latest attacks.

The other thing is, they were able to steal tools. Nothing worse can happen than the bad guys having new toolsets that they can actually use. We believe that with the increased threat from the bad actors because of these things, we really, really need the notion of a cyber vault or the third copy, if you will. Think about the 3:1 rule -- three copies, two different locations, one off-site or offline. This is really where we need to be.

Gardner: Andrew, it sounds like we have to assume that we are going to be or are already attacked. Just having a good defense isn’t enough. What’s the next level that we need to attain?

Peters: A lot of times organizations think their security and their defenses are strong enough to mitigate virtually anything that happens to the organization. But what's been proven now is that the bad guys are clever and are finding ways in. With SolarWinds, they found a backdoor into organizations and are coming in as a trusted entity.

Just because you have signed Security Assertion Markup Language (SAML) tokens and signed certificates that you trust, you are still letting them in. It’s just been proven that you can’t exactly trust them. And when they come inside an organization and they win, what do you do next? What do you do when you lose? The concept here is to plan to win, but at the same time prepare to lose.

Gardner: David, we have also seen an uptick in the success of ransomware payouts. How is that also changing the landscape for how we protect ourselves?

Finley: I was recently thinking about that and I saw something written, it might have been a Wall Street Journal article, on security recently. They said CISOs in organizations have a decision to make after these kinds of attacks. The decision really becomes pretty simple. Do they pay the ransom or do they not pay the ransom?

We would all like to say, “Don’t pay the ransom.” The FBI says don’t pay the ransom, because of the obvious reasons. If you pay it, they may come back, they are going to want more, and it sets a bad precedent, all those things. But the reality is when this actually happens to a company, they have to sit down and make the hard decision: Do I pay or do I not pay? It’s based upon getting the business running again.

We want to position ourselves together with Unisys to create a cyber vault that is secured in a way that our customers will never have to pay the ransom.

If we have a protected set of data that is the most important data to the firm – the stuff that they have to have tomorrow morning to actually run the business -- and it’s in a protected vault secured by zero trust, through Unisys Stealth software, to be able to secure it and get it back out and put it back into play, that’s the best answer.

So that means not paying the ransom and still having the data available to bring the business back into play the next day. A lot of these attacks, as we know, are not only stealing data, like they did recently with FireEye, but also encrypting, deleting, and destroying the data.

Gardner: Another threat vector these days is that more people are working remotely, so there are more networks involved and more vulnerable endpoints. People are having to be their own IT directors in their own homes, in many cases. How does the COVID-19 work-from-home (WFH) trend impact this, Andrew?

Work from home opens doors

Peters: There are far more points of entry. Whereas you might have had anywhere from 10 percent to 15 percent of your workforce remotely accessing the network, and that access was fairly controllable, now you have up to 100 percent of your knowledge workers working remotely and accessing the network. There are more points of entry. From a security perspective, more rules need to be addressed to control access into the network and into operations.

Then one of the challenges an organization has is that once they are on the inside of these big, flat networks the bad guys can map that network. They learn the systems that are there and they learn the operations extremely well and manipulate them, taking advantage of zero-day vulnerabilities in the systems and so operate within that environment without even being discovered. Once again, going back to the SolarWinds, they were operating for about eight months before they were eventually discovered.

Gardner: And so are we at a point going on 30 years of using wide area networks (WANs), and we are still under a false sense of security. David, do we not understand the threats around us?

Finley: There is the notion within our organizations and within the public sector that we believe what we have done is good enough. And good enough can be our enemy. I can’t tell you the number of times I have spoken with folks during incident response or after incident response from a cyberattack where they said, “We thought we were secured. We didn’t know that this could happen to us, but it did happen to us.”

That false sense of security is very real, evidenced by these high-level attacks on firms that we never thought it would happen to. It's not just FireEye and it's not just SolarWinds. We have had attacks on COVID-19 clinical trial providers, we have had attacks on our own government entities. Some of these attacks have been successful. And a lot of these attacks don’t even get publicized.

Here is the most dangerous thing in this false sense of security we are talking about. I ask customers what percentage of the attacks do you actually believe you have visibility into within your own region? And the answer, the honest answer, is usually probably less than 20 percent.

But because I do this every day for a living, as does Andrew, and we probably have visibility to maybe 50 percent, because a lot of times these attacks happen and they get swept under the rug. They quietly get cleaned up, right? So we don’t know what’s happening. That also leads us to a false sense of security.

So again, I believe that we do everything we can upfront to secure our systems, but in the event that something does get through, we need to make sure that we have a secure offline copy of these backups and of our data.

Be prepared to resist ransom

Peters: An interesting dynamic I have noticed since the pandemic is that organizations, while they recognize it’s important to have that cyber recovery third copy to bring themselves back from the brink of extinction, say they can’t afford to do it right now. The pandemic has squeezed them so much. 

Well, we know that they are invested in backup. We know they are invested in DR, but they say, “Okay, we may table this one because it’s something that is a bit too expensive right now.”

However, on the other side, there are organizations that are picking up on this at this time, saying, “You know what? We see this is way more critical because we know the attacks are picking up.”

But the challenge here is the organizations that are feeling squeezed, that they can’t afford to invest in a solution like this, the question is, can they afford not to invest in this given all the exposure of the threats to their organizations. And we keep going back to SolarWinds, which is a big wake-up call.

But if we go back to other attacks that happened to organizations in the recent past -- such as the WastedLocker backdoor and the procedures the bad guys are using to get into organizations to learn how they operate, to find additional backdoors and operate within that environment, and to even learn to avoid the security technologies that were put in there specifically to detect such breaches – they can operate with impunity within that environment. Then they eventually learn that environment well enough to shut them down enough so that the company has two choices. That company can either pay the ransom or go out of business.

And if you are a bad guy, what would be your goal? Do you want to expose the company’s information and embarrass them? No, you want to make money. And if they are in the process of making money, how do they do it? You have to squeeze an organization as much as possible. And that’s what ransomware and these backdoors are designed to do -- squeeze an organization enough to where they are forced to pay the ransom.

Gardner: So we need a better, fuller digital insurance policy. Yet many organizations have insurance in the form of DR designed for business continuity, but that might not be enough.

So what are we talking about when we make this shift from business continuity to cyber recovery, David? What are the fundamental challenges organizations need to overcome to make that transition? 

Cyber more likely than natural disaster

Finley: The number-one challenge I have seen over the past four or five years is that we need to realize that DR -- and all the tenets of DR -- will not cover us in the event of a cyber disaster. So those are two very different things, right?

Oftentimes I challenge people with the notion of how they differ. And just to paint a picture, we have been doing DR basically the same way for many decades. The way it normally works is we have our key systems and their data connected to another site outside of a disaster radius, such as for earthquakes, floods, tornados, and hurricanes. We copy that data through a wide-open pipe to the other side on a regular basis. It’s an always-open circuit to the other side, and we have been doing it that way for 40 years.

What I often ask customers is based on that, how much do you spend every year to do DR? What does it really cost? Do you test? What are the real costs for DR for you? And there is usually a tangible answer.

With that in mind, the next question is, “If you look at the probability of something happening in the future to you, what do you think is more probable -- a natural disaster event or a cyber disaster? What’s more probable?” And the answer is unanimously, it’s been 100 percent in recent years, it’s going to be a cyber disaster.

Of course, the next question is, “How do you deal with cyber recoveries and is it a function of DR within your organization?” And the answer usually is, “Well, we don’t deal with it very well.”

So the IT infrastructure and security groups have in the last year been making cyber recovery part of DR planning -- and it’s taken a long time to get there. When you think about that, if the probability of cyber events is much higher than disaster events -- and we spend $1 million a year on DR -- how much do we spend for cyber recovery? The answer historically has been that they spend very little on true cyber recovery.

That’s what has to change. We have to change how we approach this. We have to bring the security and risk folks into those decisions on protecting data. We need to look at it through the lens of a cyber event destroying all of the data, just as a hurricane may destroy all of the data.

Peters: You know, Dave, in talking to a lot of organizations on what exactly they are going to do if they have a ransomware meltdown, we ask, “How are you going to recover?” They say, “We are going to go to our DR.” 

Hmm, okay. But what if you discover in your recovery process those files are polluted? That’s going to be a bad situation. Then they may go find some tapes and stuff. I ask, “Okay, do you have a runbook for this?” They say, “No.” Then how will they know exactly what to do?

And then the corollary to that is, how long is this recovery going to take? How long can you sustain your operations? How long can you sustain your company, and what kinds of losses are you prepared to sustain?

Wow, and you are going to figure this all out when you are going through the process of trying to bring your organization back after a meltdown? That’s usually the tipping point where you are going to say, like other organizations have said, “You know what? We are just going to have to pay the ransom.”

Finley: Yes, and that also begs the question that we often see folks miss. And that is, “Do you believe that your CEO and/or your board of directors -- the folks who don’t do IT as an everyday job, the folks who are running the business -- do they understand the difference between DR and cyber recovery?”

If I were to ask people on the board of any organization if they were secure in their DR plans, most of them would say, “Yes, that’s what we pay our teams to do.”

If I were to ask them, “Well, do you believe that being able to recover from cyber disasters is included in that and done well?” The answer would also be, “Yes.” But oftentimes that is simply not the truth.

They don’t understand the difference between DR and cyber recovery. The data can all be gone from a cyber event just as easily as it can be gone from a hurricane or a flood. We have to approach it from that perspective and start thinking through these things.

We have to take that to our boards and have them understand, “You know what? We’ve spent a lot of money for 40 years on DR, but we really need to start spending money on cyber recovery.”

Yet we still get a lot of pushback from customers saying, “Well, yes, of course making a third copy and storing it somewhere secure in a way that we can always get it back -- that’s a great idea -- but that costs money.”

Well, you have been spending millions of dollars on DR, so make cyber recovery part of that effort.

Gardner: To what degree are the bad guys already targeting this discrepancy? Do they recognize a capability to go in and compromise the backups, the DR, in such a way that there is no insurance policy? How clever have the bad guys become at understanding this vulnerability?

Bad guys targeting backups

Peters: What would you do if you were the bad guy and you wanted to extort money from an organization? If you know they have any way of quickly recovering, then it’s going to be pretty hard to extort from them. It’s going to be hard to squeeze them.

These guys are not broke, they are often professional organizations. There’s a lot of focus on the GRU, the former KGB operation that’s in Russia, and Cozy Bear and a number of these different organizations are well-funded. They have very clever people there. They are able to obtain technologies, reverse engineer them, understand how the security technologies operate, and understand how to build tools to avoid them. They want to get inside of organizations and learn how the operation runs and learn specifically what’s key and critical to an organization.

The second thing, while they want to take out the primary systems, they also want to make sure you are not able to restore them. This is not rocket science.

So, of course they are going to target backups. Are they going to pollute the files that you are going to actually put in your backups so if an organization tries to recover, they can create a situation that is bad, if not worse, than it was previously? What would you do? You have to figure that this is exactly what the bad guys are doing in organizations -- and they are getting better at it.

Finley: Andrew, they are getting better at it. We have been watching this pretty closely for the last year now. If you go out to any of the pundits or subscribe to folks like Bleeping Computer, Security Today, CIO.com, or CISO, you see the same thing. They talk about it getting worse. It’s getting worse on a regular basis.

They are targeting backups. We are finding it actually written in the code. The first part of what they are going to do when they drop this on the network is they are going to go seek out security tools to disable them. Then they are going to seek out shadow copies to link to them and seek out backup catalogs and link to them.

And this is the one that a lot of people miss. I just read this recently, by the FDIC, and they are publishing this to their member banks. They said DR has been done well for a number of decades. You copy information from one bank to another or from one banking location to another and you are able to recover from disasters and spin up applications and data in a secondary location. That’s all great.

But realize that if you have malware attacking you in your primary location, it very often will make its way to your DR location, too. The FDIC said this pointblank, they said, “And you will get infected in both locations.”

A lot of people don’t think about that. I had a conversation last year with a CISO who said that if an attack gets to your production environment they can manage to move laterally and get to your DR site. And then the data is gone. And this particular CISO said, “You know, we call that an ‘Oh, crap’ moment because there is nothing we can do.”

That’s what we now need to protect against. We have to have a third copy. I can’t stress it nearly enough.

Gardner: We have talked about this third copy concept quite a bit. Let’s hear more about the Dell-Unisys partnership. What’s the technology and strategy for getting in front of this so that cyber recovery becomes your main insurance policy, not your afterthought insurance policy?

Essential copy keeps data dynamic

Finley: We want everyone to understand the reality. The bad guys can get in, they can destroy DR data, we have seen it too many times. It is real. These backups can be encrypted, deleted, or exfiltrated. And that is the fact, so why not have that insurance policy of a third copy?

There’s only one way to truly protect this information. If the bad guys can see it, get to the machines that hold it, and get to the data – whether the data is locked on disk or not – they can destroy it. It’s a real simple proposition.

We identified many years ago that the only way to really, truly protect against that is to make a copy of the data and get it offline. That is evidenced today by the guidance being given to us by the US federal government, Homeland Security agency, and FBI. Everybody is giving us the same guidance. They are saying take the backups, the copies of your data, and store them somewhere away from the data that you are protecting – and ideally on the other side of an air gap and offline.

When we create this third copy from our Dell solution for cyber recovery we take the data that we backup every day and move that key data to another site, across an air gap. The idea is the connection between the two locations is dark until we run a job to actually move the data from production to a cyber recovery vault.

With that in mind, there is no way in until we bring up that connection. Now, that connection is secured through Unisys Stealth and through key exchanges and certificate exchanges to where the bad guys can’t get across that connection. They can’t get in. In other words, if you have a vault that’s going to hold all your important data, the bad guys can’t get in. They can’t get through the door. Even though we open a connection, they can’t use that connection to ride into our vault.

And with that in mind we can take that third copy and store it in this cyber vault and keep it safe. Now, getting the data there and having the systems outside the vault communicate to the machines inside the vault – to make sure that all of that is secure – is something we partnered with Unisys on. I will let Andrew tell you about how that works.

Secure data swiftly in cyber vault

Peters: Okay. First off, Dave, you are not talking about putting all of the data into the vault, right? Specifically people are looking at only the data that’s critical to an operation, right?

Finley: Yes. And a quick example of that, Andrew, is an unnamed company in the paint industry. They create paint around the world and one of their key assets is their color-matching databases. That’s the data they put into the cyber vault, because they have determined that if that proprietary data is gone, they can lose $1 million per day.

Another example is an investment firm we work with. This investment firm puts their trade databases inside of the cyber vault because they have discerned that if their trade databases are infected, affected, or deleted or encrypted – and they go down – then they lose multiple millions of dollars per hour.

So, to your point, Andrew, it’s usually about the critical business systems and essential information, things like that. But we also have to be concerned with the critical IT materials on your networks, right?

Peters: That’s right, other key assets like your Active Directory and your domain servers. If you are a bad guy, what are you going to attack? If they want to cripple you so much that even if you had that essential data, you couldn’t use it. They are going to try and stop you in your tracks. 

From a security perspective, there are a few things that are important – and one is data efficacy. First is knowing what I am going to protect. Next, how best am I going to securely move that critical data to a cyber vault? There is going to be automation so I am not depending on somebody to do this. This should happen automatically.

So, to be clear, I am going to move it into the secure vault, and I want that vault to be air gapped. I want it to be abstracted from the network and the environment so bad guys can’t find it. Even if they could find it, they can’t see anything, and they can’t talk to it.

The second thing I want is to make sure that the data I’m moving has high efficacy. I want to know that it’s not been polluted because bad guys are going to want to pollute that data. Typically, the things you put into the backup – you don’t know, is it good, is it bad, has it been corrupted? So if it’s going to be moved into the vault, we want to know if it’s good or if it’s bad. That way, if we are going to be going into a recovery, I can select the files that I know are good and I can separate them from the bad.

This is really important. That’s one of the critical things when you’re going into any form of cyber recovery. Typically you aren’t going to know what’s good data unless you have a system designed to discern good from bad.

You don’t want to be rebuilding your domain server and have the thing find out that it’s been polluted, that it’s locked, and that it has ransomware embedded in it. Bad guys are clever. You have to ask, “What would I do if I were a clever bad guy?” Sometimes it’s hard to think like that unless you put your bad guy hat on. 

There’s another important element here, too. The element of time. How quickly am I going to get to this protected data? I have all of this data, these files and these applications, and they’re in my protected vault. Now, how am I going to move them back into my production environment?

But my production environment actually might still be polluted. I might still have IT and security personnel trying to clean up that environment. At the same time, I have to get my services back up and running, but I have a compromised network. And what’s the problem? The problem is time.

Ultimately, all of this comes down to business continuity and time. How quickly can I continue my critical operations? How quickly am I going to be able to get them up and running – despite the fact that I still have a lot of issues with ransomware and with hackers inside my IT operations?

From a security and rapid recovery perspective, there are some unique things that we can do with a cyber recovery approach. A cyber recovery solution automates the movement of your critical data into a secure vault, then analyzes it for data efficacy to determine if the data has been compromised. It also provides you with a runbook so you know how you’re going to get that data back out and get those systems operating so you can get users back online.

So even with a zero-day attack, by being able to use things like cryptography, cloaking, and basically hiding things from the rest of the network, I can get cryptographic micro-segmentation to restore the operations of critical services and get users back up on those services. Even if my network is compromised, I can start doing that very, very quickly.

When you put the whole cyber recovery solution that we have together – with automation, the security built in, to get to the critical data on a daily basis, move it into a vault, analyze it, and then obtain a runbook capability – you can quickly move it all back out and get those critical services back up and running. 

Manage, monitor, and restore data

Finley: One of the things that I hope everyone understands is that we can create a secure vault, put information in it, and do that all securely. But as Andrew was saying, most folks also want the ability to monitor, manage, and update that secure vault from their security operations center (SOC) or from their network operating system (NOS).

When we first began our relationship with Unisys, around the Stealth software, I was very excited. For a couple years before that, we were working with folks to show them how to use firewalls to protect information going in and out of our cyber vault, or how to configure virtual private networks (VPNs) to make that happen.

But when we got together and I looked at the Unisys Stealth software a few years ago, from a zero trust networks perspective – instead of just agents on the machines – it becomes invisible.

When I first saw that those tunnels Unisys creates to our Dell vault are as secure as they are, I quickly realized that not only did it allow us to have a new way to manage everything from outside – we can also monitor everything from outside. It allows us to take what we know is clean data inside the vault and be able to restore it quickly through one of those secure Stealth tunnels back out to the outside.

That is hugely important. We all know there are various ways to secure communications like this. Probably the least secure nowadays are VPNs, or remote access, if you will. The next secure, quite frankly, is viral access, or import access, and then the most secure is, I believe, zero trust software like we get with Unisys Stealth.

Peters: It’s not that I want to beat down on firewalls, because firewalls and ancillary technologies are very effective in protecting organizations – but they’re not 100 percent effective. If they were, we wouldn’t be talking about ransomware at all. The reason that we are is because breaches occur. The bad guys go after the low-hanging fruit, and they’re going to hit those organizations first. Then they’re going to get better at their craft and they’re going to go after more-and-more organizations.

Even when organizations have excellent security, you can’t always prevent against the things that people do. Or now, with SolarWinds, you can’t even trust the software that you’re supposed to trust. There are more avenues into an organization. There are more means to compromise. And the bad guys can monetize what they are doing through Bitcoin in these demands for ransoms.

So, at the end of the day, the threats to organizations are changing. They’re evolving, and even with the best defenses an organization has, you’re probably going to have to plan on being compromised. When the compromise happens, you have to ask, “What do we do now?”

Gardner: Are there any examples that you can point to and show how well recovery can work? Do we have use cases or actual customer stories that we can relate to show how zero trust cyber recovery works when it’s done properly?

Get educated on recovery processes

Finley: Sure, one happened not too long ago. It was a school system in California. And that particular school system worked with us to procure the cyber recovery solution, created a cyber vault, the third copy, and secured all of that. We installed it and got it all up and running and moved data into the vault on a Thursday of a particular week. And then they had a cyber event happen to the school system. This is one of the biggest school systems in that part of California. They had a cyber event over the weekend in that school system, and they had just gotten the vault up and running and had copied all of the critical data into it.

The data in the vault was secure. They were able to recover it as soon as they forensically could, according to the FBI, because the data was secure. It saved a bunch of time and a lot of effort and money.

Now, I contrast that to a couple other major attacks on other companies that happened in the last 120 days. One where they had no cyber vault, the customer data was attacked in production and a lot of DR was attacked. That particular set of events was done through a whole series of social engineering, but they were taken down, encrypted, and a lot of the data was destroyed.

It took them days, if not weeks, to begin the recovery process because of a lot of things that we all need to be aware of that happen. If you don’t have data that you know is secured somewhere else and that is clean, you’re going to have to verify that it’s clean before you can recover it. You’re going to have to do test recoveries to systems and make sure you’re not restoring malware. That’s going to take a long period of time. You’re not even going to be able to do that until law enforcement tells you that you can.

Also, when you’re in the middle of an incident response, regardless of who you are, the last thing you’re going to do is connect to the Internet. So if your data is stuck somewhere in a public cloud or clouds, you’re not going to be able to get it while you’re in the middle of an incident response.

The FBI characterizes your systems as a crime scene, right? They put up yellow tape around the crime scene, which is your network. They are not going to allow anybody in or out until they’re satisfied they’ve gathered all the data to be able to figure out what happened. A lot of folks don’t know that, but it is simply true.

So having your critical data accessible offline, on the other side of the crime area, having it scrubbed every day to make sure it is absolutely clean, is very important.

In a case of a second company, it took days if not weeks before they could recover information.

There is a third example. The IT people there told me the cyber vault saved their company, and “saved our butts,” they said. In this particular case, the data was encrypted in all of their systems. They were using backup software to write to a virtual client and they were copying that data from virtual clients into our cyber vault.

They also had our physical clients, called Data Domain from Dell, in production and writing into the cyber vault. They did not have our analytics software to scrub and make sure it was clean because it was an older implementation. But at the end of the day, everything in production was gone. But they went to the vault data and realized that the data there was all still good.

The bad guys couldn’t get there. They couldn’t see the cyber vault, didn’t know how to get there, and so there was no way they could get to that information. In this case, they were able to spin up and restore it rather quickly.

In another incident example, in the cyber vault, they had our CyberSense software, which does cyber analytics on the data being stored. We can verify the data is clean at a 99.7 percent effective level to tell the customer the data is restorable and clean. In this case the FBI got involved.

The FBI actually used the information from our CyberSense software to help them to ascertain the who, what, when, and where of what happened. Once they knew who, what, when, and where, they knew the stored data was clean and we were able to do a more rapid rescue.

Plan ahead with precise processes

Peters: What’s important too is knowing what to do. For example, what applications are you going to recover first? What do you need to do to get your operations running? Where are you going to find the needed files? Who’s going to actually do the work? What systems are you going to recover them onto?

Have a plan of action versus, “Okay, we’re going to figure this out right now.” Have a pre-prescribed runbook that’s going to take you through the processes, procedures, and decisions that need to be made. Where is the data going to be recovered from? What’s going to be determined? How is it recovered? Who’s going to get access to it?

All of these things. There’s a whole plan that goes into this. This is different than DR. This is different than backup, it’s way different, it’s its own animal. And this is another place where Dell expertise comes in, being able to do the consulting work with an organization to define the plan or the runbook so that they can recover.

Finley: I wanted to also point out a consideration about ransomware payments. It’s not always a clean option to actually make the payment because of the U.S. Treasury Office of Foreign Assets’ controls. If an organization pays the ransom, and the recipients of that payoff are considered a threat to the United States, they may be breaking another law if you pay them the ransom.

So that needs to be taken into consideration if an organization is breached for ransom. If they pay the ransom off, they may be breaking a federal law.

Gardner: Do the Dell cyber recovery vault and Unisys Stealth technologies enable a crawl, walk, and run approach to cyber recovery? Can you identify those corporate jewels and intellectual property assets, and then broaden it from there? Is there a way to create a beachhead and then expand?

Build the beachhead first

Finley: Yes, we like to protect what we call critical rebuild materials first. Build the beachhead around those critical materials first, then get those materials -- Active Directory and DNS zone tables -- in the vault.

Next put the settings for networks, security logs, and event logs into the vault -- the stuff in your production environment that you could get out of the vault and make everything work again.

If you have studied the Maersk attack in 2017, they didn’t have any of that, and that was a very bad day. They finally found those copies in Africa, but if they hadn’t found them it would’ve been a very bad month or year. So with that kind of a thing in mind, it has happened to many folks besides just them where this had to be most publicized.

So with that in mind, get those materials into the vault as a beachhead, if you will. Let’s build together the notion of this third location, let’s secure it with Unisys Stealth, and let’s secure it with an air gap that’s engulfed in Stealth, and with all of the connections in and out of the vaults protected by Stealth using zero trust. Let’s take those critical materials and build that beachhead there. Ideally, I’ve seen great success when I was doing that, and then gathering maybe a total of three to five of the most critical business applications that a firm may have and concentrating on them first.

Here’s what we don’t want to do. I see no success in sitting down and saying, “Okay, we’re going to go through 150 different applications, with all of their dependencies, and we’re going to decide which of those pieces go into the cyber vault.”

It can be done, it has been done, and we have consulting that can help do that between Dell and Unisys, but let’s not start that way. Let’s instead start like we did recently with a big, big company in the U.S. We started with critical materials, we chose five major applications first, and for the first six months that’s what we did.

We protected that environment and those five major applications. And as time goes on, we will move other key applications into that cyber vault. But we decided not to boil the ocean, not look at 2,000 different applications and put all that data into the vault.

I recently talked to a firm that does pharmaceuticals. Intellectual property is huge for them. Putting their intellectual property into the cyber vault is really key. It doesn’t mean all of their systems. It means they want intellectual property in the vault, those critical materials. So build the beachhead and then you can move any number of things into it over time.

Peters: We have a demonstration to show what this whole thing looks like. We can show what it looks like to make things disappear on your network through cloaking, moving data from a production environment into a vault, and in-retention locking that, analyzing the data, and finding out if something is bad on it, and being able to select the last known good copy of data and start to rebuild systems in your production environment. 

If somehow you had an environment you’re recovering and malware manages to slip inside of that, we can detect that and we can shut it down in about 10 to 15 seconds. For organizations interested in seeing this working in real-time, we have a real live demo.

Finley: That’s a powerful, powerful demo for all of the folks who are listening. You can see this thing work from beginning to end to see how the buttons are put in and how the data essentially moves out of scrubbing of the data to make sure it’s clean. It was fascinating for me the first time I saw this. It was great.

Gardner: I’m afraid we will have to leave it there. You’ve been listening to a sponsored BriefingsDirect discussion on new ways of protecting data backups first and foremost so that cyber recovery becomes an indispensable tool in any IT and business security arsenal.

And we’ve learned how a joint-solution between Unisys and Dell elevates what was once data redundancy and backup into a much more resilient and powerful cyber recovery regime.

So please join me in thanking our guests, Andrew Peters, Director of Global Business Development for Security at Unisys. Thank you so much, Andrew.

Peters: Thank you.

Gardner: We’ve also been here with David Finley, Director of Information Assurance and Security in the Data Protection Division at Dell Technologies. Thank you, David.

Finley: Thank you, Dana. Thank you, Andrew.

Peters: Hey, thank you, too, Dave. Cheers.

Gardner: And a big thank you as well to our audience for joining this BriefingsDirect cybersecurity innovation discussion. 

I’m Dana Gardner, Principal Analyst of Interarbor Solutions, your host throughout this series of Unisys- and Dell-sponsored BriefingsDirect discussions.

Thanks again for listening. Please pass this along to your IT community, and do come back next time.

A transcript of a discussion on new ways of protecting data backups first and foremost so that cyber recovery becomes an indispensable tool in any IT and business security arsenal. Copyright Interarbor Solutions, LLC, 2005-2021. All rights reserved.

Tuesday, April 13, 2021

Rethinking Employee Well-Being Means Innovative New Support for the Digital Work-Life-Balance


Transcript of a discussion on the current state of employee well-being and how new pressures and complexity from distance working demand new forms of employer-managed support.

Listen to the podcast. Find it on iTunes. Download the transcript. Sponsor: Citrix.

Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions, and you’re listening to BriefingsDirect.

The tumultuous shift over the past year to nearly all-digital and frequently at-home work has amounted to a rapid-fire experiment in human adaptability. While there are many successful aspects to the home-exodus experiment, as with all disruption to human behavior, there are also some significant and highly personal downsides.

Stay with us now as we explore the current state of employee well-being and examine how new pressures and complexity from distance working may need new forms of digital support, too.

To learn more about coping in an age of unprecedented change in blended work and home life, we’re now joined by our guests, Carolina Milanesi, Principal Analyst at Creative Strategies and founder at The Heart of Tech. Welcome, Carolina.

Carolina Milanesi: Thank you for having me.

Gardner: We’re also here with Amy Haworth, Senior Director, Employee Experience at Citrix. Welcome, Amy.

Amy Haworth: It’s great to be here.

Gardner: And we’re here with Ray Wolf, Chief Executive Officer at A2K Partners. Welcome, Ray.

Ray Wolf: Thank you, Dana.

Gardner: Amy, how are predominantly digital work habits adding to employee pressures and complexities? And at this point, is it okay not to be okay with all of these issues and new ways of doing things?

Distance work redefines employee wellness

Haworth: Thanks, Dana. It’s such an important question. What we have witnessed in the last 12 months is an unfolding of the humanness of a very powerful transformational experience in the world. It is absolutely okay not to be okay. To be able to come alongside those who are courageous enough to admit it is one of the most important roles that organizations are being called upon to play in the lives of our employees. 

Oftentimes, I think about what’s happened in 2020 and 2021. It’s as if the tide went out. It exposes fissures in our connectedness in the way organizations operate -- even in the support systems we have in place for employees.

We’ve learned that unless employees are okay, our organizational health is at risk, too. Taking care of employees and enabling employees to take care of themselves shifts the conversation to new, innovative ways of doing that.

The last 12 months have shown us that we’ve never faced something like this before, so it’s only natural that we lacked a lot of the support systems and mechanisms to enable us to get through it.

There has been some amazing innovation to help close that gap. But it’s also been as if we’ve been flying the plane, while also figuring out how to do this all better. So, absolutely, yes, there are new challenges -- but also a lot of growth. Being able to come alongside and being able to raise the white flag when needed makes it worth doing.

Gardner: Carolina, the idea for corporations of where their responsibility is has shifted a great deal. It used to be that employees would drive out of the parking lot -- and they’d be off on their way, and there was no further connection. But when they’re working at home and facing new forms of fatigue or emotional turmoil, the company is part of that process, too. Do you see companies recognizing that?

Milanesi: Absolutely. To be honest with you, it’s been a long time in coming because although I might drive away from the parking lot -- for a lot of employees -- that’s not when the work stops.

Either because you’re working across different time zones or because you’re on call, if you’re a knowledge worker, chances are that your days are not a nine-to-five kind of experience. That had not been fully understood. The balance that people have to find in working and their private life has been under strain for quite some time.

Now that we’ve been at home, there’s no escape [from work]. That’s the realization companies have come to -- that we are in this changed world and we are all at home. It’s not just that I decided to be a remote worker, and it’s just me. It’s me and whoever else is living with me -- a partner, or maybe parents that I’m looking after, and children, all co-sharing apartments and all of that.

So, the stress is not just mine. It’s the stress of all of the people living with me. That is where more attentiveness needs to come in, to understand the personal situations that individuals are in -- especially for under-represented groups.

For example, if you think about women and how they feel about talking -- or not talking -- about their children or caregiver responsibilities, they often shy away from talking about it. They may think it reflects badly on them.

All of those stresses were there before, but they became exacerbated during the pandemic. This has made organizations realize how much weight is on the shoulders of their employees, who are human beings after all.

Gardner: Ray at A2K Partners, you probably find yourself between the companies and their employees, helping with the technology that joins them and makes them productive. How are you seeing the reaction of both the employees and the businesses? Are they coming together around this -- or are we just starting that process?

Wolf: I think we’re only in the second inning here, Dana. In our conversations with chief human resources officers (CHROs), they come to the conversation saying, “Ray, is there a better way? Do we really need to live with the way things are for our employees, particularly with the way they interface with technology and the applications that we give them to get their jobs done?”

We’re able to reassure them that, yes, there is a better way. The level of dissatisfaction and anxiety that employees have working with technology doesn’t have to be there anymore. What’s different now is that people are not accepting the status quo. They’re asking for a better way forward. The great news -- and we’ll get into this a little bit later -- is there are a lot of things that can be done.

The concept of work-life balance, right? It’s no longer two elements at the end of a see-saw that’s in balance. It looks more like a puzzle, where you’re shifting in and out -- often in 15-minute or 30-minute intervals -- between your personal life and your work life.

So how can technology better facilitate that? How can we put people into their flow state so they have a clear cognitive view of what they need to get done, set the priorities, and lead them into a good state when they need to return to their family activities and duties?

Gardner: Amy, what hasn’t changed is the fundamental components of this are people, process, and technology. The people part, the human resources (HR) part, perhaps needs to change because of what we’ve seen in the last year.

Do you see the role of HR changing? Is it even being elevated in importance within the organization?

Empowered employees blend life, work

Haworth: The role of HR really has elevated. I see it as an amplification of employee voice. HR is the employee advocate and the employee’s voice into the organization.

It’s one thing to be the voice when no one’s listening. It’s much more interesting to be the voice when people are listening and to steer the organization in the direction that puts talent at the center, with talent first.

We’re having discussions and dialog about what’s needed to create the most powerful employee experience, one where employees are seen or heard and feel included in the path forward. One thing that’s so clear is we are shaping this all together, collectively. We are together shaping the future in which we will all live.

Being able to include that employee voice as we craft what it means to go to work or to do work in the years ahead means in many ways that it’s an open canvas. There are many ways to do hybrid work, which clearly seems to be the direction most organizations are going. Hybrid is quite possibly the future direction education is heading, too.

A lot of rethinking is happening. As we harness that collective voice, HR’s leadership is bringing that to the table, bringing it into decisions, and entering into a more experimental mindset. Where we are looking to in the future and how we find ways to innovate around hybrid work is increasingly important.

Gardner: Carolina, when we look at the role of technology in all of this, how should an HR organization such as Amy’s use technology to help -- rather than contribute to the problem?

Milanesi: That’s the key question, right? Technology cannot come as another burden that I have to deal with when it comes to employees.

I love Ray’s analogy of the puzzle of the life we live. I stopped talking about work-and-life balance years ago and started talking instead about working-life-blend because if you blend there’s room to maneuver and change. You can compromise and put less stress on one area versus the other.

So, technology needs to come in to help us create that blend – and it has to be very personal. The most important thing for me is that one size doesn’t fit all. We’re all individuals, we’re all different. And although we might share some commonalities, the way that my workflow is setup is very different from yours. It has to speak to me because otherwise it becomes another burden.

So, one part is helping with that blend. Another part for technology to play is not making me feel that the tool I’m using is an overseer. There are a lot of concerns when it comes to remote working, that organizations are giving you tools to manage you -- versus help you. That’s where the difference lies, right? For me, as an employee, I need to make sure that the tool is there to just help me do my work.


It doesn’t have to be difficult. It has to be straightforward. It keeps me in the flow, and helps me with my blended life. I also think that the technology needs to be context-aware. For example, what I need in the office is different from what I need when I’m at home or when I’m at the airport -- or wherever I might be doing work.

The idea that your task is dependent or is influenced by the context you’re in is important as well. But simplicity, security, and my privacy are all three components that are important to me and should be important to my organization.

Gardner: Ray, Carolina just mentioned a few key words: context, feelings, and the idea of an experience rather than fitting into what the coder had in mind. It wasn’t that long ago that applications pretty much forced people to behave in certain ways in order to fit set processes. 

What I’m hearing, though, is that we have to have more adaptable processes and technologies to account for a person’s experiences and feelings. Is that not possible? Or is it pie-in-the-sky to bring the human factor and the technology together?

Technology helps workers work better

Wolf: Dana, the great news is the technology is here today with the capability to do that. The sad part is the benchmark is still pretty low. The fact is when it comes to providing technology to enable workers to get their jobs done, there is really very little forethought as to how it’s architected and orchestrated.

People are often simply given login information to the multiple applications that they need to use to get things done during the day. The most that we do in terms of consideration for these employees is create a single sign-on. So, for the first five minutes of your day, we have a streamlined, productive, and secure way to login -- but then it’s a free for all. Processes are standard across employee types. There’s no consideration for how the individual employee wants to get work done, of what works best for them.

In addition, we subject very highly talented and creative people to a lot of low-value, repetitive tasks. One of the things that CHROs bring up to me all the time is, “How can I get my employees working at the top of their skills range, as opposed to the bottom of their skills range?”

Today there are platforms such as Citrix Workspace that allow you to automate out those mundane tasks, take into consideration where the employees should be spending their time, and allowing them to contribute more to the critical business needs of an organization.

Gardner: Amy, to that point of the way employees perceive of their work value, are you seeing people mired in doing task-based work? Or are you seeing the opportunity for people to move past that and for the organization to support them so that they can do the work they feel most empowered by? How are organizations helping them move past task to talent?

Haworth: Great question, and I love how you phrase that move from task to talent. So a couple things come to mind. Number one, organizations are looking to take friction out of the work-day. That friction is energy, and that energy could be better spent for an employee doing something they love to do -- something that is their core skill set or why they were hired into that organization to start with.

A recent statistic I heard was that average workflow tends to involve at least four different stops along an application’s path. Think about what it takes to submit an expense report.

As much as possible, we’re looking for ways that take friction out of those interactions so employees get a sense of progress at the end of the day. The energy they’re expending in their jobs and roles should feel like it’s coming back threefold.

Ray touched on the idea of flow, but the conversation in 2021, based on the data we’ve seen, shows that employees feel fatigued because of the workload. What emerged from a lot of the survey work across multiple research firms last year was this sense of fatigue. You know, “My workload doesn’t match the hours that I have in the day.”


So, in HR circles, we’re beginning to think about, “Well, what do we do about that?” Is this a conversation more about energy and energetic spend? Initially [in the pandemic] there was a lot of energy spent just transforming how things were done. And now we get to think about when things are done. When do I have the most energy to do that hard thing? And then, “How is the technology helping me to do it? And is it telling me when it’s probably time to take a break?”

 

At Citrix we’ve recently introduced some really interesting notifications to help with this idea of well-being so that integration of technology into the workday helps as an employee manages their energy – to take, for example, a five-minute meditation break because they have been working solid for three hours. That might be a really good idea rather than that cup of coffee, for example.

So we’re starting to see a combination of the helpfulness of technology in a way that’s invited by employees. Carolina makes a great point about the privacy concerns, and so it comes in a way that’s invited by employees. That ultimately enables a state of flow and that feeling of progress and good use of the talent that each employee brings into the organization.

Gardner: Carolina, when we think about technology of 10 or more years ago, oftentimes developers would generate a set of requirements, create the application, and throw it over the wall. People would then use it. 

But what I just heard from Amy was much more about the employee having agency in how they use the technology, maybe even designing the flow and processes based on what works for them.

Have we gotten to the point where the technology is adaptive and people have a role in how services -- maybe micro-services -- are assembled? Are people becoming more like developers, rather than waiting for developers to give them the technology to use?

Optimize app workflows

Milanesi: Absolutely. Not everybody is in that kind of no-code environment yet to create their own applications from scratch, but certainly a lot of people are using micro-apps that come together into a workflow in both their private and work lives. 

Smartphone growth marked the first time that each of us started to be more in control of the applications that create workflows in a private way. The arrival of your own device into enterprise also meant bringing your own applications into enterprise.

As you know, it was a bit of the Wild West for a while, and then we harnessed that. Organizations that are most successful are the ones that stopped fighting this change and actually embraced it. To Amy’s point, there are ways to diminish and lower the friction that we feel as employees when we want to work in a certain way and to use all of the applications and tools, even ones that an IT department may not want us to. 

There is more friction and time loss in someone trying to go around that problem and creating back doors that bypass IT than for IT to empower me to do that work, as long as my assets and data are secure. As long as it’s secure, I should have a list of applications and tools that I can choose from and create my own best workflows.

Gardner: Ray, how do you see that balance between employee-agency and -agility and what the IT department allows? How do we keep the creativity flowing from the user, but at the same time put in the necessary guardrails?

Wolf: You can achieve both. This is not employee workflow at the sacrifice of security. That’s the state of technology today. Just in terms of where to get started with the idea of employees designing their workflows, this is exactly how we’re going about it with many customers today.

I mean, what an ironic thought: To actually ask the people involved in the day-to-day work what’s working for them and what’s not. What’s causing you frustration and is high-value to the company? So you can easily identify five places to go get started to automate and streamline.

And the beautiful thing about it is when you ask the worker where that frustration is, and you solve it, two things happen. One, they have ownership and the adoption is very high as opposed to leadership-driven decisions. And we see this happening every day today. It’s kind of the “smart guy in the room” syndrome where the people who don’t actually have to do the work are telling everybody what and how the workers actually want to get things done. It doesn’t work that way.

The second is, once employees see -- with as little as two to three changes in their daily workflow -- what’s possible, their minds open up in terms of all the automation capabilities, all the streamlining that can occur, and they feel invigorated and energized. They become a much more productive and engaged member of the team. And we’re seeing this happen. It’s really an amazing process overall.

We used to think of work as 9 am to 5 pm -- eight hours out of your awake hours. Today, work occurs across every waking hour. This is something that remote workers have known for a long time. But now some 45 percent to 50 percent of the workforce is remote. Now it’s coming to light. Many more people are feeling like they need to do something about it.

So we need to sense what’s going on with those employees. Some of the technology that we’re working on is evaluating and looking at someone’s schedule. How many back-to-back meetings have they had? And then enforcing a cognitive break in their schedules so people can take a breather -- maybe take care of something in their personal lives.

And then, even beyond that -- with today’s technology such as smart watches -- we could look at things such as blood pressure and heart rates and decide if the anxiety level is too high or if an employee is in their proper flow. Again, we can then make adjustments to schedules, block out times on their calendars -- or, you know, even schedule some well-being visits with someone who could help them through the stresses in their lives.

Gardner: Amy, building on Ray’s point of enhancing well-being, if we begin using technology to allow employees to be productive, in their flow, but also gain inference information to support them in new ways -- how does that change the relationship between the organization and the employee? And how do you see technology becoming part of the solution to support well-being?

Trust enhances well-being

Haworth: There’s so much interesting data coming out over the last year about how the contract between employees and the organization is changing. There has been, in many cases, a greater level of trust. 

According to the research, many employees have trusted what their organizations have been telling them about the pandemic -- more than they trusted state and local governments or even national governments. I think that’s something we need to pay attention to.

Trust is that very-hard-to-quantify organizational benefit that fuels everything else. When we think about attraction, retention, engagement, and commitment -- some in HR believe that higher organizational commitment is the real driver to discretionary effort, loyalty, and tenure.

As we think about the role of the organization when it comes to well-being and how we build on trust where it’s healthy -- how can we uphold that with high regard? How can we better bridge that into a different employer-employee relationship -- perhaps one that’s better than we’ve ever seen before?

If we stand up and say, “Our talent is truly the human capital that will be front-and-center to helping organizations achieve their goals,” then we need to think about this. What is our new role? According to Maslow’s hierarchy of needs, it’s hard to think about being a high-performing employee if things are falling apart on the home front, and if we’re not able to cope.

For our organization, at Citrix, we are thinking about not only our existing programs and bolstering those, but we’re also looking for other partners who are truly experts in the well-being space. We can perhaps bring that new information into the organization in a way that integrates with and intersects into an employee’s day.

For us at Citrix, that is done through Citrix Workspace, and in many cases with the rapport of a managerial capability. That’s because we know so much of the trust relationship is between the employee and the manager, and it is human first and foremost.

Then we also need to think about how we continue to evolve and learn as we go. So much of this is uncharted. We want to make sure we’re open to learning. We’re continuing to invest. We’re measuring how things are working. And we’re inviting that employee voice in -- to help co-create.

Gardner: Carolina, from what we just heard from Amy, it sounds like there’s a richer, more intertwined relationship between the talent pool and the organization. And that they are connected at the hip, so to speak, digitally. It sounds like there’s a great opportunity for new companies and a solutions ecosystem to develop around this employee well-being category.

Do you see this as a growth opportunity for new companies and for organizations within existing enterprises? It strikes me that there’s a huge new opportunity.

Tech and the human touch

Milanesi: I do think there’s a huge opportunity. And that’s good and bad in my view because obviously, when there’s a lot of opportunity, there also tends to be fragmentation.

Many different things are going to be tried. And not everybody has the expertise to help. There needs to be an approach from the organization’s perspective so that these solutions are vetted.

But what is exciting is the role that companies like Citrix are taking on to become a platform for that. So there might be a start-up that has a great idea and then leverages the Citrix Workspace platform to deliver that idea.

Then you have the opportunity to use the expertise that Citrix brings to the table. They have been focused on workflows and employee empowerment for many years. What I’m excited to see is organizations that come out and offer that platform to make the emerging ecosystem even richer.

I also love what Amy said about human trust as first-and-foremost. That’s what I caution people to make it all about. Technology should not be a crutch, where technology comes in to try and make you suffer less, but still does not solve the problem. And technology should not be the only solution you adopt.

I might have a technological check-in that tells me that I’m taking on too many meetings or that I should take a break, but there is nothing better than a manager giving you a call or sending you an email to let you know you are seen as a human, that your work is seen by other humans.

I love what you were saying earlier about the difference between the task and the talent. That’s another part where -- if we have more technology that helps us with the mundane stuff and we can focus on what we enjoy doing -- that also helps us showcase the value that we bring as an employee and then the value of the task, not just the output.

A lot of times, some of these technology solutions that are delivered are about making me more productive. I don’t know about you guys, but I don't wake up in the morning and say, “I want to be more productive today.” I wake up and want to get through the day. I want to enjoy myself; I want to make a contribution and to feel that I make a difference for the company I’m working for.

And that’s what technology should be able to do: Come in and take away the mundane, take away the repetitive, and help me focus on what makes a difference -- and what makes me feel like I’m contributing to the success within my company.

Gardner: Ray, I would like to visit the idea of consequences of the remote-work era. Just as people can work from anywhere, that also means they can work for just about anyone.

If you’re working for a company that doesn’t seem to have your well-being as a priority and doesn’t seem to be interested in your talents as much as your tasks, you can probably find a few other employers quite easily from the very same spot that you’re in.

How has the competitive landscape shifted here? Do companies do this because it’s a nice thing to do? Or will they perhaps find themselves lacking the talent if the talent wants to work for someone who better supports them?

Employees choose work support

Wolf: Dana, that ultimately is the consequence. Once we get through this immediate situation from the pandemic, and digest the new learning about working remote, we will have choices.

Employers are paying attention to this in a number of ways. For example, I was just on the phone with a CHRO from a Fortune 50 company. They have added a range of well-being applications that help in the taking care of the employees there.

But there are also some cultural changes that need to occur. This CHRO was explaining to me that even though they have all these benefits -- including 12 hours off a month or more so-called mental health days -- they are struggling with some of the managers. They are having trouble getting managers, some of whom may be later on in their careers, to actually model these new behaviors and give the employees and workers permission to take advantage of the benefits from these well-being applications.

So we have a way to go. But the ones who evolve culturally, and who pay attention to this change, are ultimately going to be the winners. It may be another 6 or 18 months, but we’ll definitely get there. In the interim, though, workers can do something for themselves.

There are a lot of ways to stay in-tune with how you’re feeling and give yourself a break and better scheduling of time. I know we would like to have technology that forces that into the schedule, but you can do that for yourself now as an interim step. And I think there are a lot of possibilities here -- and more not that far in the future.

There are things that could be done immediately to bring a little bit of relief, help people see what’s possible, and then encourage them to continue working down this path of the intersection of well-being and employee workflow.

Gardner: I’m afraid we’ll have to leave it there. You’ve been listening to a sponsored BriefingsDirect discussion on how the tumultuous shift over the past year to nearly all digital remote work has amounted to a rapid-fire experiment in human adaptability.

And we’ve learned how employee well-being in the age of distance working may need some new forms of digital and cultural business services support as well.

So a big thank you to our guests, Carolina Milanesi, Principal Analyst at Creative Strategies and Founder at The Heart of Tech. Thank you so much, Carolina.

Milanesi: Thank you very much for a great conversation.

Gardner: We’ve also been joined by Amy Haworth, Senior Director, Employee Experience at Citrix. Thank you, Amy.

Haworth: Thank you. This has been enlightening in so many ways and it’s a great conversation. Thanks for having it, Dana.

Gardner: And we’ve been here as well with Ray Wolf, Chief Executive Officer at A2K Partners. Thanks so much, Ray.

Wolf: Thank you, Dana. This is such an important subject and success is right around the corner.

Gardner: And lastly a big thank you as well to our audience for joining this special BriefingsDirect remote work innovation discussion. I’m Dana Gardner, Principal Analyst at Interarbor Solutions, your host throughout this series of Citrix-sponsored BriefingsDirect discussions.

Thanks again for listening, please pass this along to your business associates, and do come back next time.

Listen to the podcast. Find it on iTunes. Download the transcript. Sponsor: Citrix.

Transcript of a discussion on the current state of employee well-being and how new pressures and complexity from distance working may need new forms of employer-managed support. Copyright Interarbor Solutions, LLC, 2005-2021. All rights reserved.
