IT Spending and Practices in a COVID-19 World

To call the 2020 market “volatile” is an understatement. It seems we learn new information about novel coronavirus every day without actually moving toward a resolution. How do you plan ahead in a world turned on its head? Normally, businesses review past performance, assess current state, define desired outcomes, and consider market forecasts. A solid business plan factors in numerous variables and contingencies for things such as loss of key personnel, downfalls in revenue, market shifts, and even some natural disasters. But not many people think to make contingency plans in case of a pandemic.

Shifting IT Focus

In the beginning, there was quarantine. And quarantine led to work from home. Companies scrambled to move as many employees as possible, as quickly as possible, from an office building to their living room. In order to maintain business as usual (or as close to it as possible),  CIOs sidelined growth and transformation initiatives for the time being and turned their focus to “mission-critical” technologies and services to support a remote workforce.

That begs the question: What are “mission-critical” technologies and services in the time of COVID-19? 

First and foremost is business continuity. Strategists, human resources, and supply chains went into high gear to keep running as close to business as usual as they could. For IT, that meant any number of things:

  • Configuring remote capabilities for HR functions such as tracking hours, paid time off, sick leave, family medical leave, long- and short-term disability, and, for some even factoring in emergency time off for COVID-related absences.
  • Calculating and coordinating remote hardware and software needs.
  • Increasing bandwidth to support a greater number of employees tapping into the system remotely.

Then there are safety and security measures:

  • Acquiring and assigning VPNs for secure remote access.
  • Reinforcing internal security functions and programs against would-be hackers.
  • Educating the new remote workforce on safety measures against viruses, scams, spam, robocalls, phishing, and the Internet of Things in general.

All of this requires additional support both for and from the IT team.

IT Support at Home

No matter the occupation, everyone needs some sort of equipment to do their job. Businesses took various tacks to provide equipment. Some allowed employees to come in briefly in scheduled windows to pick up items. Others chose to mitigate risks of spreading COVID by closing off the building and sending employees what they need. Some businesses even offer stipends to help employees create and maintain a home office rather than providing all the equipment directly. However, not all businesses can afford to provide every employee a full computer set-up, allowing instead for them to use their personal computer for business as well.

While IT professionals are prime candidates for working from home, and a decent number of people can find their way around a computer easily enough, there are still some people who are not so tech savvy. If you’ve been in IT for a decent amount of time, you’ve heard the acronym PEBCAK: Problem Exists Between Chair and Keyboard. User error is real. Some people struggle to grasp technology with in-person IT help walking them through step-by-step at the office, much less all alone at home.

Now not only are businesses shelling out resources to make sure everyone has the appropriate equipment and resources, they also have to double down on IT support to acclimate new remote access users. 

Unexpected Cybersecurity Risks

Cybersecurity is always mission-critical; even more so with the host of unique risks inherent in a work-from-home situation. Managing cybersecurity within this unprecedented remote workforce requires more than an abundance of Virtual Private Networks (VPNs) — though you’ll want those too. In “The future of hacking: COVID-19 shifting the way hackers work and who they target,” Security Magazine writer Bill Dellisi notes maintaining steadfast cybersecurity goes beyond the right technology. It also requires: 

  • Training for employees
  • The right technology
  • Increased cooperation between the security teams and IT/network operations groups
  • And the one thing no one had right away: time.

Cyberattacks can be as limited as a single-unit virus or as devastating as massive breaches of private personal identification and high-security information. One heavy hitter throughout the pandemic is the ransomware attack. Once hackers get into your system, they lock it down, holding it hostage until a ransom is paid. According to MonsterCloud Cyber Counter Terrorism Expert Zohar Pinhasi, reported ransomware attacks rose 800% by the end of March. Some hackers aren’t satisfied with jamming or damaging company systems. Recent years have seen the rise of an even more nefarious attack. Doxware attacks take ransomware one step further. Instead of simply causing damage, they tap into sensitive information then threaten to sell it and inform all of the customers affected of the breach unless paid. 

How do attacks happen and what can IT do to prevent and fix the damage?

Remember those employees using their personal computers for work? BeyondTrust CTO and CISO, Morey Haber, lists several possible dangers of using a VPN on home computers rather than company computers:

  • Lower malware defenses
  • Multiple users
  • Lack of authority
  • Inability to secure host
  • Lack of protective resources

Hackers quickly found ways to exploit the security holes created by an unexpected mass move to a remote workforce. Without the ability to just drop by someone’s desk, email use increased, including a lot of informational communications regarding COVID from people you may have never heard of before. With so many messages coming in from all over the place, it’s easy to miss signs of phishing and click on through to a danger zone. 

Attacks also preyed on people’s fears, confusion, and even hopes regarding the coronavirus. Emails popped up here and there pretending to be COVID-relief or claiming to have important information about new dangers having to do with the virus. Since COVID-19 is a new, novel virus, it doesn’t take much to convince people to click for answers.  

It can be difficult to find a good work-life balance when your desk is the kitchen table. Then there are others in the house, especially children, who don’t understand that being home all day does not mean you’re available to play, answer questions, help with homework/homeschooling, or make a meal right then and there. Nor do they understand why they can use your personal computer but not your work computer. Getting up and down from the computer leaves it vulnerable to sticky, curious fingers less likely to recognize and avoid cybersecurity threats.

The Internet of Things (IoT)

Siri, Alexa, Google Home—one has to be smart about having a smart home. 

Education is key. Relaxed restrictions necessary to support remote access, less-than-robust home network security, and lack of cybersecurity preparedness all create openings for cyberattacks. Without proper management, you could end up with the cybersecurity equivalent of swiss cheese.

COVID’s Impact on IT Spending 

Opinions on market growth and decline varied going into 2020, well before quarantine orders and mandates. Some analysts, such as Forrester, forecasted a 3% decline in global tech market for 2020 and 2021. Gartner, on the other hand, projected IT spending to achieve a 3.4% growth over 2019. However, once COVID beset the country, many expectations took a steep dive, including Forrester, who’s 3% decline grew to an expected 20% downturn in IT spending.

As the year progressed, outlooks cautiously improved. Gartner, for instance, predicted an 8% decline in Global IT spending for 2020 due to COVID-19 in July. In October, it released new insight determining a 5.4% decrease in IT spending for 2020 with a forecasted 4% growth in 2021, attributing the positive turn to the growing digitization needs to support a remote workforce. 

What we see now is a cautious positivity and a move back toward innovation. Being forced into a remote workplace has opened up or accelerated opportunities for growth we wouldn’t have considered pre-COVID. It’s also revealed pain points and areas for improvement. Here on the back end of 2020, though, businesses are slowly settling into their “new normal – pandemic edition.” COVID-19 may have hijacked 2020, but it’s also propelled us into a new era of digitization both in business and personal life. 

Change is the Only Constant

The reality is that the coronavirus pandemic has changed business as we knew it. Nothing will ever be the same. That’s not necessarily a bad thing. We’ve learned maybe 2020 has a silver lining, after all.

More Stories