Insights
- Infosys learnt many valuable lessons from its digital transformation during the pandemic.
- The learnings have made the organization future-ready and resilient to turbulence, whether geopolitical or natural.
- The combination of remote working supported by the shift in delivering IT has led to an improved employee experience, with users reporting increased satisfaction.
The pandemic saw organizations worldwide rise to the occasion to ensure business continuity. They enabled remote work environments almost overnight, while ensuring cybersecurity.
Infosys too transformed itself during the pandemic, and is now a remote-first, cloud-first company. This brings many benefits, such as more than 290,000 employees possessing laptops and the option to work remotely, all members of the organization working on the same platform, and automated cybersecurity surveillance and patching, to name a few.
Lessons in transformation
While being fully remote was not on Infosys’s roadmap at the time, there was much to be learnt from the transformation. The organization got an opportunity to research from technology to the evolving work landscape and changing employee practices, to reinvent the workplace. The discoveries were a result of discussions with internal and external stakeholders, and peers across the IT industry. Their biggest learning was that organizations should always be future-ready with systems that are agile, resilient, built at scale, and connected, with the flexibility to be innovative while at the same time being secure.
Organizations should always be future-ready with systems that are agile, resilient, built at scale, and connected, with the flexibility to be innovative while at the same time being secure.
However, this requires organizations to transform themselves continuously, as is being done by Infosys. Some of the activities it has been undertaking include:
- Bolstering cybersecurity
With increase in remote work and use of cloud, the potential attack surface has also grown. According to the Infosys Knowledge Institute’s The Future of Work 2023 report, remote working is here to stay. With remote working related to talent retention, 65% of senior executives surveyed said that they are increasing remote working to attract and retain talent. Acknowledging this situation, Infosys has taken and continues to take multiple steps to bolster its cybersecurity in terms of the endpoint landscape, using multiple technology levers.
Every Infosys-allocated laptop or desktop system is certified with a hardened image to protect the device and the wider Infosys ecosystem from unauthorized data access. This also enables real-time monitoring and automatic remediation of any drift. All the systems are fitted with the latest operating system (OS) image designed to self-heal, resulting in reduced downtime and increased productivity.
The automated cloud-powered processes are set up to perform in-place upgrades of the OS to the latest build and ensure that all the software and tools are patched for bugs on a regular basis, reducing the threat of malware and ransomware. Multi factor authentication helps to ensure robust identity management. Removal of admin and USB access from employee laptops further helps harden the devices, while access to the Infosys Network is provided based on a posture check to ensure that endpoints – laptops, desktops, and mobile phones – comply with the organization’s security requirements.
- Empowering employees
This shift in thinking has helped move the organization to being a truly digital-first organization, meaning employees can work securely at any time and from anywhere.
Previously, employees would need to visit the office for an OS installation or upgrade; now, this is done remotely at a time that suits the individual.
Previously, employees would need to visit the office for an OS installation or upgrade; now, this is done remotely at a time to suit the individual. Additionally, more than 900 whitelisted applications have been made available via self-service for employees, where before they would have had to raise a ticket to get software installed. These measures have also meant new hires are productive from day one.
Advanced automated management frees up the employees to focus on the roles they all play in keeping the organization secure, as opposed to having to remember to run their updates.
- Practices in innovation
The team has been streamlining processes: for instance, delivery teams who needed to build and test solutions for multiple platforms – Windows and Linux – needed multiple devices. However, using a Windows 11 laptop with the Windows subsystem for Linux enabled means they only need one device. This has reduced costs, as the employee does not need additional laptops, as well as reducing admin overheads and boosting productivity.
This approach also works for customers: the team can also provide single build solutions both for Windows and non-Windows platforms. Additionally, Infosys employees working at client locations can be geo-fenced to make sure they only work from the approved location.
The IT team ensures that only customer-approved tools and software are installed on devices, with any drift from the configuration monitored and dealt with remotely and automatically. All of these measures mean that Infosys employees working with clients can be compliant with their security requirements, boosting confidence and business assurance.
- Protecting the business using tech levers
With work from anywhere and anytime being the new normal, employees have become more vulnerable to cyberattacks. To protect the business from ransomware and malware attacks and data theft, the Infosys IT team uses several tech levers such as security agents, anti-virus, data leakage protection agents, vulnerability management agents, and conditional access to perform posture checks before allowing any systems to connect with the Infosys network, apart from device freezes, disk wipes, and so on.
The combination of remote working supported by the shift in delivering IT has led to an improved employee experience, with users reporting increased satisfaction in their feedback.
Still going strong
Infosys is still reaping the benefits of this transformation. It has made the organization future-ready and resilient to turbulence, whether that is geopolitical or natural. The IT team has woven a digital fabric specific to business units, based on the access that each unit needs, and the tools they use to connect with clients and with colleagues internally, while restricting access to things they do not need. Additionally, employees are always connected to internal resources such as HR and tech support.
Another benefit of this approach is that the IT team has access to data and analytics. That means they can closely monitor the state and health of the IT estate, thus improving security and reducing downtime, and boosting the organization’s productivity.
The use of cyber mesh, a key component of a zero-trust network, is helping the team maintain a secure environment. Zero-trust works on the principle of least privilege, whereby any system is by default not trusted to access Infosys’s network. This means that employees are given only access to tools and software that are required for their immediate work. Access privileges are valid for limited periods after which they must be renewed.
The cyber mesh is built on three principles – secure by design, secure by scale, and secure by future – which ensures that data belonging to Infosys as well as its customers is well protected while employees are working flexibly.
Analytics have helped the team in taking data-driven decisions in almost real-time. Some decisions include observing the pattern of software usage and re-purposing licensed software that is not being used frequently by allocating it to someone else, leading to cost savings.
Analytics have helped the team in taking data-driven decisions in almost real-time. Some decisions include observing the pattern of software usage and re-purposing licensed software that is not being used frequently by allocating it to someone else, leading to cost savings. This approach also includes studying the pattern of system boot time, app crashing, “blue screens of death” crashes, and so on to apply self-heal or take other quick measures to reduce downtime and increase productivity.
Learning these lessons has helped the Infosys IT team enhance its delivery to clients. With the knowledge gained on endpoint digital transformations, cybersecurity, and vulnerability management over the past couple of years, the team has been sharing its learnings and expertise with client-facing teams, and becoming a part of client connects, to help in transformation projects related to modern endpoint management.