General security

Coronavirus predictions: What are the long-term workplace implications of COVID-19?

July 27, 2020 by Susan Morrow

Introduction: What will the world look like after the COVID-19 vaccine?

Human societies are often challenged by events out of our control. Extreme weather events happen and take with them many businesses and lives. Small-scale epidemics cause havoc in localities and countries. But one thing that we can say for humans is that we are always adaptable.

However, COVID-19 is a challenge like no other because of its global impact and unknown trajectory. It is stealing both our health and our wealth. In trying to rise to the coronavirus challenge, businesses that can adapt are doing so. But there are likely to be long-term implications of the virus. 

Here, I explore three possible changes to business-as-usual in the coming post-COVID-19 years.

Three key changes that we may see in a post-COVID-19 world

In a post-COVID-19 world, many things will stay the same and many will change. I can see three key areas that are already showing signs that the coronavirus has adjusted the way we do things. Here is my take on what may come to pass.

1. Working from home will become a common option and will need tech support

Over the last few months, there has been an avalanche of “how to work remotely” articles. Why? Because the COVID-19 pandemic has meant that many countries encouraged or enforced lockdowns. Mass numbers of people have had to open up home office spaces and work remotely. 

A UK survey found that about 60% of workers in the UK were working from home during the lockdown. It is noteworthy that in the UK, around 30% of the workforce have worked from home at some point over the course of a year, with 5% working from home a week before the lockdown.

Working from home requires some effort, though. In many ways, coronavirus has hit at a pivotal time. According to the 2019 State of the Cloud report from Flexera, 94% of organizations use some form of cloud infrastructure, and 91% use a public cloud. This means that many organizations are already set up to handle remote working to some extent.

Much of the requirements around remote working, to date, have been to allow business travelers to continue to pick up emails and collaborate on projects. There were around 445 million business trips every year before coronavirus struck. Chances are that this will be significantly reduced in the coming years; however, the facility to allow for business travel will come in useful during the continued lockdown, subsequent lockdowns and as employees find that working from home is a good option.

Post-COVID-19 security

Along with cloud computing comes many associated considerations, not least of all security. Working from home and associated security measures are a whole new area of cybersecurity strategy and policy that organizations need to be prepared to tackle. 

When cloud computing came along, it removed the older network perimeter that created a closed wall around an organization. Now, we have gone beyond the cloud and use it instead as a backbone for fluid and disparate communications. Much of this communication is sensitive or proprietary business data. This can be in the form of verbal discussion in online meetings or part of the digital data flow across mobile and cloud apps via cloud datacenters.

Post-COVID-19, we must continue to harden our security beyond cloud computing, ensuring that endpoint devices, digital assistants and even wearables like an Apple Watch are not potentially leaking company data. 

New era predictions: Working from home

I expect to see, going forward into the new post-COVID-19 era, an emphasis on:

  • More regular working from home as an option by companies who are in a position to offer it
  • Acceleration of cloud infrastructure to handle remote working
  • Managed Security Service Providers (MSPs and MSSPs) who offer working-from-home cover
  • Remote security becoming integrated with security awareness training packages
  • Security policies embracing remote security practices
  • Organizations such as the National Institute for Statistics and Technology (NIST) updating and highlighting existing advisories on remote work and security
  • Privacy and remote working being expanded to be included in data protection regulations

2. Industry conferences will embrace the semi-virtual

In the last few years, conferences have become a massive business. If you take RSA 2020, for instance, the conference was held just as the coronavirus took hold in the USA on March 2, 2020. Still, the conference had 36,000 attendees, while RSA 2019 had 42,000. 

That is a lot of flights and hotel bookings. A lot of meals, much public transport being used and many drinks in the bar. Conferences are fun, informative and a great way to network. But they cost businesses a lot of money. 

COVID-19 has seen many conferences shutting their doors or at least exploring new models of the “virtual conference.” One of the largest Identity conferences, “KNOW Identity,” had to postpone its conference until December this year. Instead, the conference leaders have innovated and introduced a series of “Identity Forums” where people working in the space present their ideas and know-how to a digital audience via video. The forums are also designed to accommodate digital networking. Post-COVID-19, this model of the virtual conference may be a lot more common.

COVID-19 brings climate change and disability into sharp relief … 

COVID-19 has forced conference teams to rethink their models. Because of the attention that COVID-19 has brought to bear on the way we work, other issues are drawing attention. 

Conferences are often difficult for disabled and chronically ill speakers to attend. I was unable to attend a conference at The Hague earlier in the year, because of a chronic condition I have. Instead, I was able to present at the conference virtually, speaking on identity and data sharing from my home office. 

Health issues, including COVID-19, are one barrier to real-world conference attendance, but then we also have the climate change bomb to deal with too. As COVID-19 has hit the ability to travel, we have seen the natural world reappear where once it felt lost. Conferences involve travel — lots of travel. This costs the Earth as well as the business.

Figures show the ECPR General conferences CO2-e emissions were between 0.5–1.3 tons, on average, per attendee. At the Montreal conference of 2015, it was 1.9–3.4 tons per attendee. Just as a comparison, the average global per capita CO2 emission in 2014 was around 4.0 tons.

If you’d like to see how many tons of carbon an event you are organizing will generate, check out the MyClimate calculator.

A number of folks in academia, who do a lot of traveling to conferences, are beginning to question the whole F2F conference circuit. A recent article by environmental scientist John Quintin entitled “Cutting the carbon cost of academic travel” says:

“We as academics need to take personal responsibility, too. We could start by ensuring we value local and national research as well as international; combining journeys when travelling abroad; taking direct rather than indirect flights; and reaching for the phone or video call rather than the plane. Set a target for yourself to replace at least some of your plane trips with less-carbon-intensive forms of travel and, finally, if you have to travel: offset.”

In our post-COVID world, we may find that virtual conferences are more convenient and don’t cost the Earth. And let’s face it, we as tech industry folks — if we can’t make conferences virtual, then who can?

COVID-19 new era predictions: Industry conferences

I expect to see, going forward into the new post-COVID-19 era emphasis on:

  • More conferences that have at least partial virtual options
  • Fully virtual conferences
  • Virtual conferences about innovations in virtual conferences!
  • Eventually, virtual reality conferences
  • Conferences hosted on Fortnite and other popular platforms

3. The new identity

In the end, everything comes back to identity. But perhaps identity is a misnomer in our post-COVID world? Perhaps, instead, digital identity will become the backbone of everything we do in a virtual context.

In the past few years, the notion of zero-trust security has raised its head. This is a set of principles based on the ethos of “never trust, always verify.” In a nutshell, you always check who it is and which device is being used whenever an access request is made. 

The “always verify” piece is a key requirement of the approach. Moving into a post-COVID-19 world, digital identity is likely to become a much more all-encompassing technology.

What do I mean by “new identity”?

Digital identity has been going through a quiet revolution in the last few years. The old “enterprise identity,” which was based on internal directories and administration via an internal system, is long gone. Cloud computing did this. Online accounts everywhere did this. 

The merger of a “corporate identity” and a “consumer identity,” which was becoming ever fuzzier, is likely to be seamless in the coming years. But this also means a new approach to digital identity. 

Verification is a key requirement of this new world identity. Being able to check a person requires the ability to call “verified claims” about that person. These claims can represent any aspect of an individual that has been checked in some manner. For example, there could be a verified claim that an individual is a member of a professional body or that they are over a certain age.

Post-COVID, I expect the concept of digital identity to mature, allowing for seamless use of identifiers for both corporate and consumer use. We achieve this by using existing technologies such as identity and anti-fraud checks, behavioral analytics, privacy-enhancing technologies and risk-based authentication, and by using data orchestration middle-ware to pull the whole together — a true situation where the “whole is greater than the sum of the parts.” Digital identity will then truly come into its own, acting as a backbone to all manner of online services and apps.

COVID-19 new era predictions: Digital identity

Going forward into the new post-COVID-19 era, I expect to see an emphasis on:

  1. Digital identity will mature enough to become the backbone of the extended workplace
  2. Digital identity platforms and services will spring up that can handle both corporate and personal access requirements
  3. These platforms will be much more flexible in how they orchestrate the data required to create robust and secure digital identities
  4. The digital identities created using these post-COVID-19 services will be able to be used across federated services

Remember, out of bad things, good things can come. We need to keep that in mind when this pandemic subsides. The future is ours to know … and ours to control.



  1. Working from home statistics, Finder UK
  2. Coronavirus and homeworking in the UK labour market: 2019, Office for National Statistics UK
  3. Cloud Computing Trends: 2020 State of the Cloud Report, Flexera Blog
  4. Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security, NIST
  5. 93 Critical Business Travel Statistics: 2020 Spending & Concerns Analysis, FinancesOnline
  6. Sebastian Jäckle, “WE have to change! The carbon footprint of ECPR general conferences and ways to reduce it,” European Political Science, 2019
  7. Cutting the carbon cost of academic travel, Nature Reviews Earth & Environment
  8. Is the digital identity layer missing or just misplaced?, CSO
Posted: July 27, 2020
Susan Morrow
View Profile

Susan Morrow is a cybersecurity and digital identity expert with over 20 years of experience. Before moving into the tech sector, she was an analytical chemist working in environmental and pharmaceutical analysis. Currently, Susan is Head of R&D at UK-based Avoco Secure. Susan’s expertise includes usability, accessibility and data privacy within a consumer digital transaction context. She was named a 2020 Most Influential Women in UK Tech by Computer Weekly and shortlisted by WeAreTechWomen as a Top 100 Women in Tech. Susan is on the advisory board of Surfshark and Think Digital Partners, and regularly writes on identity and security for CSO Online and Infosec Resources. Her mantra is to ensure human beings control technology, not the other way around.