How many times have you been approached by your employees asking for permission to work from home instead of coming into the office? Your immediate reaction probably includes head nodding, quickly followed by questions surrounding the resourcing that is required to make this desire a reality. In a recent Cisco study, “The Cisco Connected World Report,” respondents indicated companies that afford their employees the flexibility to work remotely are more attractive employers.
Should companies allow remote worker access?
My experience has shown that highly visible and transparent discussions lead to greater understanding, engagement, and ultimately buy-in with the ultimate decision—to allow or not. In addition, these discussions lead the individual employee to the appropriate expectation of services; if remote worker capability will be enabled, the individual will be well-positioned to understand the need to comply with a bevy of new processes and procedures. Rarely do individual users understand the resourcing nuances that are required of an IT department to protect company assets; the employee's perspective is often times based on the experiences of others or personal experiences external to the company. Universally, and I count myself in the universe, they know what they want and they wanted it yesterday.
Implementation of the remote worker solution may require the use of a laptop or smart-phone, or both. In order to appropriately explore and resource correctly, the IT department must know and understand not only what type of devices are touching their networks, but also where and how these devices are engaging the networks. The technological data transfer solutions and attendant infrastructure for use with company email, intra-organization collaboration, external interaction, and various third-party applications that keep the business running, all have to be evaluated separately and as configured. For the transmission equation, virtual private network interconnectivity ensures data is appropriately secured when in motion. With the realization that devices do sometimes go missing, due to either theft or carelessness, an encryption capability should be in place to protect the data on the device as well as any storage media (portable hard drives, USB sticks, etc.).
Survey respondents are divided on whether or not the remote worker capability should be allowed. IT departments might make the assumption that employees understand the security threats of working remotely, whereas employees might think the IT departments just don’t get it. Both are half-right, employees absolutely have the ability to understand. IT and Information Security (Infosec) departments must ask themselves, “Have we made the investment in education and awareness with respect to security concerns?” If not, then no assumption should be made that the employee is well-read with respect to how to operate securely in a remote work environment. The employee who is educated and aware of the security issues unique to remote working environments is the first and last line of defense protecting the company’s interests. The value of security and awareness programs, specific to the remote worker environment, can absolutely serve as the instrument which quiets the cacophony of complainants making the assumption that those charged with implementing and protecting the infrastructure just don’t get it.
The respondents made clear the need for a remote worker option, noting that remote work capability is not a nice-to-have option, but rather an expected table-stakes capability. Users may not wish to be working seven days a week, but they do want the capability to work and be productive outside of what might be considered normal business hours, as well as when on the road. The IT department that doesn’t have a road map for remote access may be positioning their entity to be viewed as a less attractive place to work, according to a majority of the respondents.
In sum, your employees may not want to show up at the office for work, but they will be more likely to want to work from a remote location when their position allows for flexibility.