The future of work is hybrid: why city and county workers need secure remote access

With the United States now leading the world in the rollout of vaccination programs, there’s a sense of optimism that many aspects of life may soon return to normal. But the big question for city, local, state and federal government agencies of all sizes isn’t necessarily about how to safely bring employees back to the office, but whether they actually should—or even need to—bring employees back.

Regardless of whether it’s physically safe to return to our workplaces, there’s a lot more going on behind the scenes. At the city and county level, especially, there are always going to be some roles that involve direct interaction with the public and vendors, making an office environment a necessity. But for others, that may not be the case.

According to a survey conducted by PwC, private sector companies are bracing for a new, much more flexible “hybrid” work environment where employees work part-time from home and part-time from an office. Offices aren’t expected to disappear, but they may be transformed into shared spaces with more hot desks.

We’re already seeing this play out, with large companies like Ford announcing plans for its non-production workforce to move to this kind of hybrid working environment rather than rushing back to the office. In an interview with CNBC, Ford’s chief people and employee experiences officer, Kiersten Robinson, expressed what we’ve already come to realize: “If there’s one thing we’ve learned over the last 12 months, it is that a lot of our assumptions around work and what employees need has shifted.”

Sweeping changes

What does this mean for local government agencies, already stretched for manpower and lacking the budgets of private corporations? Will the expectations be different? Will government employees be given freedom and flexibility to choose their own schedules? The short answer is yes, probably, but it’s going to be messy for a while. The important factor is that remote work is here to stay, so public and private sector organizations will need to provide tools that make remote working just as secure and productive as it would be in a typical office environment.

The experience of first responders and public safety teams can perhaps lead the way. For years, these organizations have focused on being out in the field, relying on a mixed bag of patchy Wi-Fi and cellular networks, and constantly switching between connections as they moved.

In the case of Coweta County, Ga., replacing a persistently crashing VPN with a more modern remote access solution gave their front-line personnel stable, secure connections. “It was very common to have between three to five deputies lined up at my door because they couldn’t connect,” said Systems Analyst Josh Chambers. “But now we’ve taken connectivity problems out of the equation, 100 percent.” The county invested in tools that not only gave it better security and connectivity, but greatly improved visibility of their distributed workforce for IT.

Similarly, Harris County, Texas, the third largest county in the United States, quickly recognized the importance of mobility, reliable connectivity and productivity for its first responders using AT&T’s FirstNet network. “Our first responders have an optimized, resilient connection to the new public safety broadband network from wherever a call takes them… We always have access, even when we’re in rural areas. Ultimately this helps deliver the information our officers need to stay focused on protecting and serving the public,” said Shing Lin, director of public safety technology services, Harris County Central Technology Services.

Start at the beginning

Today, with the realization that many of our city and county workforces may permanently be distributed, it makes sense to give all employees secure remote access tools that protect and enhance the work experience.

Security must be a top priority in any remote working strategy. The big reason for this is that distributed workforces don’t have the safety net of a secured office environment, making them potential targets of cyber-attack, and more vulnerable to risky URLs that would normally be filtered out by firewalls and other security devices.

The best advice is to start down the road to deploying a secure access service edge (SASE) framework, relying on SD-WAN, zero-trust Software Defined Perimeter tools, mobile VPNs, firewall-as-a-service (FwaaS) and other cloud-enabled network and security solutions. Most organizations—public and private—have many elements of SASE in place already. That’s great news for town and county governments, as they won’t need a huge investment or a massive forklift upgrade in order to improve the work experience of their employees, whether at home or in a traditional office setting.

Sensible timeline

Finally, it’s worth noting that any journey to SASE doesn’t necessarily have to be rushed. In most cases, upgrades can be done over three, four or even five years, starting with upgrades and optimizations to the VPN in the first year, followed in the second year by zero-trust network access, and an eventual move to a cloud VPN. The process can be gradual and done in a cost-effective and non-disruptive way.

There’s no doubt that the coming months will bring another wave of change to our workplaces, but this time organizations can choose to be better prepared for a distributed future. The bad news is that government and public safety organizations are often the slowest to implement new technologies, such as SASE, putting their workers at a distinct disadvantage. The key is to start the journey as soon as possible, taking gradual steps over time.

Jay Klauser has more than 20 years of enterprise mobility and security experience. He has led global mobile device deployments for Fortune 500 companies as well as worked for leaders in the mobility and mobile security industry. Klauser is currently the vice president of security alliances at NetMotion Software where his team helps NetMotion customers and security partners optimize, manage and secure their mobile user deployments.