3 Core Security Requirements For Flexible Workspaces

• Workspace security can be broken down into 3 core tiers: physical, network, and cyber security.
• With many companies transitioning to flexible space as a result of the pandemic, a high level of security can be a key differentiator and a selling point.
• A recent webinar focused on core workspace security requirements, featuring experts from essensys, iQ Offices, and PlacePay.

---

Security can be a dry subject. But when you’re working to attract new members to your workspace — particularly larger clients that are transitioning from traditional offices to flexible space during the pandemic — it’s a subject that demands full attention.

A recent webinar hosted by essensys and the GWA discussed security requirements at length with the help of an industry leading panel:

• Kane Willmott – iQ Offices
• Jack Richer – PlacePay
• James Shannon – essensys

During the 45-minute session, moderated by essensys’ Amanda Fanoun, panellists shared insights including the three core security requirements workspaces should have in place, and how the right tech infrastructure can become an important selling point for future clients.

3 Core Security Requirements

James Shannon from essensys addressed the topic of security by visualising it as a three-tiered pyramid:

1. Physical security: The base layer is everything related to physical security at your workspace, such as access to the building, to individual offices, and to meeting rooms. This includes how access is granted — such as key cards, or smartphone access — and how this is managed. Is it a manual process or is your platform capable of automatically granting access once membership is activated, and terminating it once the membership term ends?
2. Network security: This layer relates to who can access your WiFi, how they access it, who uses the network, and how log-ins are controlled.
3. Cyber security: According to Shannon, this is the tier that is often forgotten about but is incredibly important, as it’s a “moving target” that can be difficult to manage. It covers everything from malware and phishing to payment processing, compliance, and email security.

Interestingly, these core requirements correlate with some of the biggest pain points workspace members face, as revealed by Instant Offices.

In this research, many pain points fall into the ‘Network Security’ tier — such as WiFi connectivity — which can also be the source of problems related to the top tier, Cyber Security. However, aspects such as door access control (‘Physical’) are also a common frustration.

According to Shannon, enterprise customers are usually the most demanding when it comes to tech requirements, but where security is concerned, every member has the potential to have enterprise level requirements.

With many large clients now transitioning to flexible space as a result of the pandemic, workspace operators should “plan for the most complex tenant” and be prepared.

“It’s very difficult to put comprehensive security in place quickly, reactively,” he said. “It’s the foundation of everything you do. Think about it early, so you have confidence that you can support any enterprise customer that walks through the door.”

Security as a Selling Point

For Kane Willmott, comprehensive security is one of iQ Offices’s key selling points for clients of all sizes, which often includes small businesses who don’t fully appreciate or understand the need for secure connectivity.

“For us, it’s part of our sales cycle. It’s our differentiator.”

By having a robust infrastructure in place, Willmott notes that they can often fulfill the majority of enterprise level requirements and save new clients from having to make upfront investment. This is particularly valuable for companies making the switch from traditional office space to coworking as a result of the pandemic.

“We’re finding that a number of these groups are coming into our spaces and realising that we’ve already got what they need. They don’t need to invest in security measures upfront — they can tap into ours.

“Our business is offering flexible space with no upfront investment, and it’s the same on the tech side.”

Is It Worth the Investment?

In an ideal world, every workspace would offer a robust tech infrastructure with enterprise level security and automated processes.

But is it worth the investment?

For PlacePay’s Jack Richer, it comes down to the threat of exposure and the value you place on your reputation.

“Not all risks are readily apparent — it’s tough to quantify,” he said.

“You don’t know until something happens what that exposure looks like. What impact would a security breach have on your business, and the people who use your space? You don’t know how expensive it could be until it happens.”

Essentially, it’s the potential risk of exposing client data and the cost of rectifying the problem — but also the intangible yet “extremely disruptive” impact of loss of trust and the damage to your reputation.

The Biggest Threat is “simple human error”

Often, the biggest threat for all three security tiers is “simple human error”, according to Shannon.

By reducing manual intervention — such as manually revoking a membership — workspaces reduce the potential for human error and free their staff from time-consuming admin duties.

That’s why it’s important to consolidate your workspace security processes into as few touch points as possible.

This also ties into the member experience.

“From logging into the WiFi, to physical access, to ‘bring your own device’ — such as members bringing in their own Sonos speaker for their office — there are lots of different areas where members interact with the space. These all touch your security boundary.

“The more you can tie that into one system, the easier it becomes to manage your space’s security and the less friction you impose on your members.”

For Shannon, the best way to manage security is to start early, and keep it simple.

“You don’t want your managers spending time on technology. Find a consolidated platform you can rely on, that allows you to manage all of your operational and security requirements with a single touchpoint.”

Watch the full webinar in full here