LogMeIn’s CIO, Ian Pitt, discusses the advantages of going remote and finding the balance between user preferences and security.
Ian Pitt is senior vice-president and chief information officer at LogMeIn, a SaaS company offering remote access, support and management tools for businesses.
Pitt joined the company in 2016, bringing more than 20 years of experience leading business process management and optimisation, industry compliance and governance processes and cybersecurity. Prior to joining LogMeIn, he held a number of CIO and CTO roles.
‘Solutions that require users to connect to a company’s physical location are starting to be heavily scrutinised’
– IAN PITT
Describe your role and your responsibilities in driving tech strategy.
I am responsible for business applications, cybersecurity, governance, corporate IT and product operations of the global company.
As an organisation that is charged with keeping the lights on, keeping the bad actors out of our systems and allowing our customers to interact with us, the CIO team provides best practices for technology implementation, secure working practices and operational rigour.
With the pandemic well into its second year, our focus was redirected to bolstering an infrastructure and culture that fit the remote workforce, both to provide our employees with the tools and policies they needed to continue operations and maintain their productivity, as well as improving and streamlining offerings for our customers.
Are you spearheading any major product or IT initiatives you can tell us about?
We are well into our transformation to a ‘work from anywhere’ organisation and some of our major initiatives are closely related to unlocking the power of the modern workforce.
We’ve always been able to work remotely but never considered this scale until Covid-19 forced it upon us. To keep the company operating in this way, we’ve adjusted the IT portfolio of tools, aligned teams to being office-free and increased our ‘zero touch’ systems management tools.
How big is your team?
The CIO organisation at LogMeIn covers a broad range of services and technology including cybersecurity, operational governance, corporate IT, business applications and product operations, consisting of nearly 500 employees working and collaborating from all over the globe.
We don’t outsource teams as a matter of course within the CIO teams but, given our global reach and operations, we do have the luxury of selecting the right locations for hiring that balance skills, time zone cover and economic factors. This also gives us total control over the quality of our hires, which is key in maintaining the great reputation the teams have within the company.
What are your thoughts on digital transformation?
For us, digital transformation is not just back-end digitisation of assets and processes, it’s enabling a digital user experience where technology drives greater productivity and engagement.
Digital transformation is at the core of what we do at LogMeIn for both our customers and our employees. We strive to create a friction-free digital experience, which requires a delicate balance between user preferences as well as security and governance requirements. Striking this balance and providing a consumerised IT experience is critical to succeed.
As a company, LogMeIn is in a unique position in that we produce some of the tools that facilitate digital transformation ourselves. In fact, our employees turned into early adopters, and everything remote work-related was engrained within our culture before the pandemic began last year.
In order for true digital transformation to take shape, this is the level of immersion and engagement organisations need. It is a full undertaking, not only implementing technology, new tools and processes, but also educating the workforce and creating a digital culture.
What big tech trends do you believe are changing the world and your industry specifically?
Given the continuation of remote work and the expectation of this to extend beyond the pandemic, remote access management is a big trend to pay attention to.
As we continue to shift to long-term remote work, supporting staff from any location will be the main driver for many companies. For this reason, remote access management is becoming more engrained within IT teams, advancing their use of SaaS and reducing their on-prem footprint. In fact, solutions that require users to connect to a company’s physical location are starting to be heavily scrutinised – the challenges and complexity they add are no longer acceptable.
It comes as no surprise that in the post-pandemic world, physical locations will no longer be an operational necessity and organisations will shift from infrastructure ‘on-site’ to cloud services that provide more flexibility. As part of this remote access, organisations and their IT departments need to put zero-touch device delivery in place to mitigate additional steps and delays.
Additionally, bring-your-own-device (BYOD) policies are coming into consideration as a way to simplify supply chains in the new remote environment. This approach should not be viewed as a relaxation of standards or weakening security methods if it’s coupled with zero-touch provisioning.
Overall, moving away from a hub-based support model provides a unique opportunity to instil a cloud-like model into the organisation. As ‘work from anywhere’ becomes the norm, organisations have the opportunity to leverage remote work management tools to simplify the workspace, lower the infrastructure management burden, balance workloads, and in turn, lower IT service desk calls.
In terms of security, what are your thoughts on how we can better protect data?
Protecting data is a critical issue for all industries as threats continue to evolve and remote work is expected to continue beyond the pandemic. Often, the most common security challenge protecting data is adhering to the best practices and basic security defences.
To enhance and tighten security there are a few steps that we recommend organisations follow to keep security data secured:
- Know what systems and services you have – knowing what actual assets you are using is the first step to be able to protect them; you cannot secure what you do not know
- Most hacks exploit known vulnerabilities, so keeping systems up to date and free from those vulnerabilities through patches should be very high on the priority list of standard practices
- Implement an access management tool – this not only helps reduce login potential risks, but also provides the IT team further visibility into who has access to specific resources
- Go passwordless – IT teams are spending an average of six hours a week on password-related issues alone, something that can be significantly reduced by implementing single-sign-on or biometric authentication
- Encourage cyber-smart behaviour – the human element is usually the weakest link in the security chain, with workers failing to change default passwords or using the same credentials across multiple accounts; this is especially true when no emphasis has been made on security awareness
Want stories like this and more direct to your inbox? Sign up for Tech Trends, Silicon Republic’s weekly digest of need-to-know tech news.