Optimising working from home by focusing on employee wellbeing and data security

How would the world have coped if COVID-19 had struck ten, five, even three years ago?

Would we have had the technology to see us through? Or would society – and businesses – have been even more by disrupted the pandemic, with worse again social and economic outcomes?

In many ways, the crisis has been technology’s greatest moment – a global shift that has seen millions and millions of people working from home and living ‘virtual’ lives through computers and mobile devices.

Unsurprising, perhaps, to see this quantified so resolutely in Amazon’s Q3 2020 results (published at the end of October): net sales increased 37% to $96.1bn y-o-y; operating income at $6.2bn vs. $3.2bn in Q3 last year.

Ten months into the working-from-home (r)evolution, and there are some strong lessons that have been learnt about how to make “virtual working” work. Given society is unlikely to normalise until at least Q2 2021 – vaccine depending –, optimising the use of technology and helping employees to work as efficiently and effectively from home remains critical to economic success and recovery.   Indeed, many think a hybrid mode of home and office working will become the new “normal”.

Two of the most important issues for businesses to focus on are, in our view, how to support employees in a home working environment to be safe and productive; and the need to remain focused on IT security at a time when remote working and a dislocated workforce can represent significant operational risks.

Working from home ‘optimisation’

Providing employees with the budget to source their own tech is the wrong approach.  Personal choice of kit fuels a firestorm of support and security issues for the IT team and frustrated users.   Firms that have provided laptops (or similar hardware) with the same specification and core software as used in the office have benefitted from a centralised support process and standardised cyber security framework. Management and support become much more efficient and far less risky.  Users can concentrate on the work they need to do instead of fighting with their home-working kit.

Wireless “tech” – keyboards, mouse, headphones, cameras, speakers – have also come to the fore, increasing flexibility and employee comfort. Given the variable performance from private broadband – and the security issues in shared home environments –  many businesses have started to provide business-class broadband to home workers as part of a unified comms – internet, telephony, video conferencing – solution for their home workers.  This recognises the need to ‘professionalise’ the home working environment, recognising how we will work in the future.

A study^[1] published by Boston Consulting Group in August this year, which surveyed 12,000 people globally, found that employees who are satisfied with their ‘workplace’ tools while working from home were around twice as likely to have maintained or improved their productivity on collaborative tasks as those not satisfied with their tools.

Indeed, many companies have begun, rightly in our view, to put much more thought into the ‘at home’ working environment – providing employees not just with the right tech but with the right chairs, computer stands, and other ergonomic devices.

As most of us now know, a kitchen table and chairs are a lot different than sophisticated office desks and chairs – from both a health and productivity point of view.

Research^[2] by the Institute for Employment Studies in the months just after the pandemic hit found a “significant increase in musculoskeletal complaints”, with more than half of those surveyed reporting new aches and pains, particularly in the neck, shoulder and back areas.

What should businesses do? At Livingbridge, we believe employers should ask the right questions and encourage employees to ‘not put up with’ what they have and request what they need to work. We also believe best practice means firms should think through the combination of tech and working environment to ensure good provision is made and can be managed from an IT perspective.

The increased focus on IT security & Cloud based collaboration

As businesses grapple with a decentralised and virtual working environment, data and information security has become a key element in how firms maximise the effectiveness – and wellbeing – of employees working from home.

The best IT architectures offer remote workers technical security processes that ‘just work’ in that environment and do not require users to do anything new or different.

One thing missing by not ‘being in the office’ is the benefit of asking someone a quick question, or quickly checking through someone else’s work at request. To counter this, many businesses have encouraged the use of tools that allow for informal collaboration and instant messaging, such as Slack and WhatsApp. While these are great for fast communication, these platforms can represent big security risks.

It’s not the messaging platforms themselves – mostly they are very secure – but how people use them and the unintended ability to bypass standard, secure processes.  You must be clear about how such apps should be used and when they should not.  For example, they are very good as a “second factor” way to validate a request for a financial transaction between colleagues but don’t use them to instruct the transaction in the first place.  Your standard operating procedures should make that clear.  And you need to constantly re-enforce the need to stick to those procedures.  Tricking your home-workers into bypassing them is what the cyber-attackers will try to do.

For businesses, it is also critical to think through how they want people to share information. We believe in the golden rule: share information centrally, on a shared, cloud based system.  That keeps it in one place and secure.  There are plenty of options but make sure you go with an enterprise class service that fits with your overall security architecture

Multifactor authentication as a means to keep access to systems and data secure has proved vital, and its use should underpin any IT security infrastructure. Microsoft itself has said^[3] in the past that users who enable multi-factor authentication (MFA) for their accounts will end up blocking 99.9% of cyber-attacks.

Ultimately, the process for working from home, including IT and data security, should be just as fit for purpose as in-office processes. In fact, there should be no difference. This includes financial security, such as the signing of contracts, controlling confidential information and compliance with GDPR procedures for protecting personal data.  They need the same focus when working from home as in the office.

Constant communication about how these processes work and how they get updated should be encouraged. Employers – and employees – need to look at processes and say, ‘how can these be challenged/ compromised to keep them secure and how can we fix that?”

Finally, when talking about data security and the tools businesses should be providing remote workers, one piece of equipment that everyone should have – but that many don’t – is a shredder for confidential/ sensitive documents. A standard piece of equipment in the office is rarely seen in a home environment – representing an avoidable risk for many businesses dealing in confidential or personal information.

Key take-aways

• Working from home has become the ‘norm’ for millions and millions of people – and is likely to remain a mainstream way of working going forward
• As businesses grapple with a decentralised and virtual working environment, data and information security has become key and needs a strategic approach
• A consistent IT architecture – designed for data security in office and at home – is paramount
• Wireless tech – such as keyboards, headphones, cameras, speakers – will increase flexibility and employee comfort. Providing ergonomic chairs and desks should be part of the conversation
• Tools that allow for informal collaboration and instant messaging. are great for internal communication and collaboration but these platforms can represent big security risks without clear guidance on how they should and should not be used
• Store files and data centrally on a shared filing system on the cloud; don’t allow local copies
• Multifactor authentication must underpin system access and data security
• Constant communication about how to work securely is vital. Everyone needs to be encouraged to look at the status quo and say, ‘how can the way we work be challenged/ compromised and how can we fix that?’

Mike Robb
CTO, Livingbridge

---

[1] https://www.bcg.com/publications/2020/valuable-productivity-gains-covid-19

[2] https://www.employment-studies.co.uk/resource/ies-working-home-wellbeing-survey

[3] https://www.zdnet.com/article/microsoft-using-multi-factor-authentication-blocks-99-9-of-account-hacks/