IT and tech security are critical in a flex-space operation. But it’s seldom addressed. More times than not, it’s an afterthought. The problem with being reactive instead of proactive about IT and network security in a flexible workspace is that once a breach occurs, it’s not an easy fix. The complexity of a multi-tenanted environment makes it difficult to implement a sound tech solution that is also member friendly. The two aren’t mutually exclusive but it does take some experience to get it right.
In a recent webinar, a panel of industry experts discussed the tactical and strategic considerations to secure a flexible workspace operation and its occupiers. The webinar covered a lot of ground, but below are the top tech security considerations for your flex-space operation.
The Tech Security and Member Experience webinar panel included: Liz Elam, Executive Director of GCUC, Rob Trainor, IT Director of Carr Workplaces, Ari Kepnes, Director of Market Research at Density, and James Shannon, CPO at essensys. Watch the full event here.
In this article:
I. Are you able to answer the right tech questions?
The flex-space market is growing. With maturity comes more awareness of the breadth of requirements and service levels varying tenants have. In some cases, the shift from corporate IT networks to shared networks in a flex-space has left a gap in user awareness of the risks of connecting to the internet. As a result, your tenants aren’t asking the critical questions about security and internet access that they should be asking. This begs the question: are you able to answer complex questions about IT and tech security levels?
For corporates moving to flexible working models, you must be able to demonstrate that your tech can fulfill strict headquarter IT requirements. For example, explaining how the network is deployed, secured and administered, offering segregated traffic with VLANs, public IP addresses to deploy their own endpoints and manage their own user networks, and even co-locating equipment securely on-premises. You can also expect questions around your network and Wi-Fi hardware, resiliency, redundancy, and general connectivity offering.
For other tenants with less demanding requirements, you can distinguish your proposition by educating them on the benefits of security that they wouldn’t have otherwise considered. Many flex-space tenants lack IT and security leaders. They look to you, the workspace operator, to guide and support them on tech services and insight.
II. Security Can be Your Differentiator
In today’s market, differentiation is vital. The number of niche spaces has increased, and flex-space operators are standing out in a growing market by way of service levels, premium furnishings, unique workspace design, and in-house roasted coffee beans. But some operators are paying less attention to security, tech services and sophistication of experience. As flex becomes the new normal, ambitious operators that are getting their ducks in a row now will be one step ahead of the game when these undervalued components become big-ticket items.
III. Not all Wi-Fi is Created Equal
Don’t take the security of your Wi-Fi at face value. Home, coffee shop, and flex-space wireless networks are all very different under the hood. Your home network is relatively safe, considering you know who and which devices are connected to it. Although passwords are still widely used to prevent snooping neighbors and bandwidth theft.
Meanwhile, coffee shop networks are open and shared by all users. They are risky because shared passwords are rarely changed. Any user can hack into another device on the network if they’re savvy enough.
When it comes to flex-spaces, open networks are simply out of the question. Multiple companies sharing the same network and password doesn’t bode well with corporate occupiers, not to mention the risk it poses to your operation and brand reputation. Private, encrypted networks that restrict access to users based on uniquely assigned usernames and passwords should be the default for flex-space wireless networks. This also makes it easy to disable users when they leave and helps to prevent bandwidth theft and inconveniencing members to reconnect with a new Wi-Fi password.
Secure wireless networks, unlike coffee shop or home networks, can split traffic to multiple tenants within the same workspace. Not only does this ensure security, but it also helps network performance as each tenant has an allocated amount of bandwidth. To be attractive to enterprise tenants your flex-space tech should provide VLANs and private IP addresses, completely private network usage, and segregated traffic. The objective is to deliver on the varying tech needs of multiple tenants under one roof from the same physical infrastructure.
IV. Avoid Tech Shortcuts at All Cost
Historically, the flex-space market has always had an entrepreneurial flair. Operators used to be more willing to take a scrappy approach to workspace operations. But they’re growing up. In today’s market, table stakes are higher – investment, tenant expectations, potential partnerships are all at risk. Taking shortcuts with IT is an easy trap to fall into. Shortcuts might look like a DIY shared Wi-Fi network or multiple third-party services cobbled together. They almost always look like a lower investment – which is appealing at first glance, but quite a headache when you start peeling back the layers.
Taking a thorough approach to flexible workspace technology and security upfront can prevent problems down the line. As growing your brand becomes more viable, having secure and scalable infrastructure makes it easier to open new locations and deliver tenants the services they need quickly and easily. Investing in a platform to support your flex-space business earlier on prevents the multiplicity of various third-party vendors, multiple logins, systems, and platforms that don’t speak to each other. The result is a less than ideal member experience, compromised systems and networks, more significant investments, and frustrated staff. Putting the infrastructure in place from day one is less painful and less expensive than back-fitting it to meet customer needs.
Many tenants will simply assume your tech is secure. Demonstrating upfront to prospects and customers that you’ve considered tech security mitigates problems down the line and prevents embarrassing conversations.
V. Hierarchy of IT and Tech Security Needs for Flex-Space
To secure your flexible workspace, consider the following hierarchy of needs.
Having to grant and manage access to multiple entrances in a building is a primary security consideration but it can cause friction in the member experience. From the building, the floor, the workspace, and even the meeting rooms within the space, door access control can be complex. The key is to make it as seamless as possible for members while maintaining a safe environment protected from thieves and malicious users. Utilizing the same technology – whether smartphones, key fabs, or RFID cards – and combining systems where it can be tracked in a single view is preferable to members having multiple access mechanisms that can be lost, stolen, or misplaced.
Cyber and network security
As mentioned above, an encrypted, private network accessible only with unique usernames and passwords should be the default in a multi-tenanted environment. Cabled connectivity is also a key consideration. Installing at least two ports per room or office allows the ability to scale up and add higher levels of security in the future. Wired connections also reduce the strain on Wi-Fi networks, improving connectivity performance for non-resident members.
A secure voice platform prevents attacks, keeps data secure and reduces the risk of expensive security breaches. Separating voice and computer traffic onto different networks mitigates the chance of compromising data. Lax security can result in attackers accessing voicemail and forwarding traffic to a premium number, which could rack up an expensive phone bill for the voice provider. Enterprise-grade security safeguards networks with complicated passwords and limited network access to prevent deliberate and malicious infringement upon the system.
BYOE (bring your own equipment)
Your tenants may decide to bring in their own networking equipment. If that’s the case, you’ll need the ability to offer them a Public IP address to get out to the internet. Although they’ll install and manage their own equipment and network, it’s sensible to provide them with a sound and secure infrastructure to layer their own stack on top of.
If smart building and IoT is a consideration at any point in the future of your operation – think sensors, facial recognition, wellness technologies, or other tools that enrich data on space usage – a secure network and platform management system will be critical. The more devices connected to your network and the internet the higher the risk of security breaches. A recent report showed that 37% of computers used to control smart building automation were attacked in the first half of 2019. Don’t leave it up to chance. Technologies of the future require enterprise-grade security.
VI. Strategic and Forward-thinking IT and Tech Security Considerations
Some operators are ahead of the curve in terms of service levels and offering. As the market continues to mature, occupier expectations around workspace sophistication and experience will grow more demanding. Forward-thinking providers are beginning to integrate technologies to create a complete ecosystem that caters to members and leverages data-driven insights. Space occupancy sensors, CO2 measures, and wellness features within buildings and workspaces can offer compelling data. But few operations can capture, analyze, and secure multiple data sets to paint the full picture of what’s happening in the workspace.
Aside from consolidating data, you should be thinking about who owns that data and who has the right to use it. The flex-space industry is a Business to Business to Consumer market. Data about the users within a space is critical to understand how to improve the member experience and get closer to tenants. In this regard, privacy and security are tightly coupled.
VII. The True Fear Factor of Cyber Security
On a recent podcast, Jamie Russo, the Executive Director of the GWA said, ‘it’s not a problem until it is one.’ She was referring to security. It’s perhaps not a sexy topic, and it’s difficult to fix once you’ve had a security breach. The key is to be proactive about it and approach it as a value-based advantage to enrich the member experience and educate tenants on how tech security can safeguard their business.
Failure to understand the significance of a cyber security is often due to limited knowledge about the types of security breaches and what’s at stake.
- Commercially sensitive information can be compromised. Your tenants almost certainly have private plans, insider information, employee and customer data that must be under lock and key. Their corporate headquarters may have strict IT governance procedures for data security.
- Regulatory compliance laws such as GDPR in Europe threaten severe penalties by law if any personal data is leaked or misused. Where data is stored and how it’s managed is critical. Ensuring sensitive information is safe from security breaches is paramount.
- Malicious attacks are generally targeted from outside an organization and tend to attract negative press. Cyber attackers can target companies with blackmail and high ransom fees in return for network control. Networks susceptible to security breaches leave passwords, banking, and personal information vulnerable to attackers.
The bottom line is not to gamble when it comes to cyber security. Flex is the new normal and to distinguish your business it’s critical to deliver on all tenants’ needs. To prevent headaches and collateral damage, don’t let tech security be an afterthought.
Join the world's leading coworking spaces
Get free industry insights and resources delivered directly to your inbox.