Addressing the demands of a mobile, virtual, and stay-at-home workforce is not a new topic. Hiring the best talent — regardless of whether or not they reside in proximity to company facilities — is a competitive reality for many organizations. But the global coronavirus outbreak has suddenly amplified interest in this trend at companies large and small around the world.
High costs of living and impossible commutes have caused many firms to invest in technology that enables employees to communicate and collaborate with teammates, partners, and customers, wherever they are. Collaboration and conferencing technologies such as WebEx and Skype for Business are all well-established tools to overcome the limitations of email and phone calls to get the job done. These collaboration platforms are now joined by the explosive adoption of Zoom, Slack, Microsoft Teams, Uber Conference, and others.
Many firms, for a variety of reasons, have been slower to embrace advances in technology to support a nonoffice dwelling staff — until now.
Most knowledge workers have had experience participating in a WebEx meeting. But upporting a conferencing technology as a primary means of collaboration and simply getting stuff done across a large organization is a different matter.
For example, should companies consider software that is “free?” How should they adjust policies to outline what is acceptable and what are prohibited uses of conferencing tools? What cybersecurity risks, such as the possible introduction of ransomware or spear-phishing, will be introduced? For regulated firms, how confident are they in the ability to capture, store, and produce business conversations if required by the SEC, FINRA, or other regulatory bodies? And let us not forget those CCPA and GDPR data privacy laws, and the controls companies are building to satisfy them.
Undergoing a rapid transformation to a suddenly-remote workforce entails a multitude of adjustments in management processes, measurement systems, and operational and cost analyses. However, the process of evaluating technologies to support the effort can benefit from those organizations that have previously embraced collaboration and conferencing solutions. From this group of adopters, we can offer five best practices to begin an enterprise evaluation.
1. Start with a benefit/risk analysis. Every organization should evaluate the benefits and risks of each new tool before choosing to allow them for use within the business. The benefits include the ability to reduce the number of in-person meetings, improved access to information, as well as a decrease in the use of email. The potential risks that may be introduced to the business include cybersecurity, data privacy, and regulatory compliance vulnerabilities. If critical stakeholders conclude that the benefits exceed the risks — and that those risks can be controlled and mitigated through the use of technologies — then they tend to approve adoption. What the current coronavirus situation has done is alter that equation. Companies advising employees to stay home need to provide access to tools so workers can do their jobs remotely. It is, for the most part, an acceptable alternative to the risks posed by maintaining a physical office presence and traveling by air during a pandemic.
2. Beware freeware. Many collaboration and conferencing solutions have multiple-tiered offerings, some of which are as simple as a user download away from proliferation within an organization. Information technology leaders, along with security and privacy stakeholders, should be leading due diligence efforts to explore which offering is sufficient to meet the firm’s data protection objectives, in addition to the comparative evaluation of features across vendors. Premium-tiered offerings may provide capabilities that are not essential but may be the only configuration that meets the organization’s risk threshold. As noted above, some vendors are currently offering discounted or free access to premium tiers for use during the COVID-10 crisis.
Ensuring that users of collaboration or conferencing systems know how to find information produced within those tools is vital, but sometimes underestimated.
3. Consider capture and storage. Every collaboration and conferencing provider is unique in the capabilities and product support it provides natively to capture and store communications activity occurring on its networks. For firms faced with regulatory compliance obligations or frequent e-discovery demands, relying upon a vendor’s ability to provide timely response to a request for historical content may not be worth the risk. The availability of third-party solutions to capture and store content to meet regulatory and litigation demands should be a key component of any analysis.
4. Update communications policies. Common feedback from those abruptly dropped into a new collaboration tool is that it can often be a distraction from key tasks. One crucial step for firms in the midst of deploying collaboration or conferencing tools is to ensure that communications (and employee conduct) policies are up-to-date and not centered solely on email or other existing tools. Conferencing and broader unified communications platforms offer a variety of capabilities that could be misused. For example, an employee might record a conference with an external party without first having received their permission, in some cases a violation of state laws. Knowing the features of each tool, and how those features would be necessary for an individual to do their job, is necessary to make policies relevant and specific to those who may not have had previous experience working remotely or managing a distributed team.
5. Train, train, and retrain. Remote work can be a major adjustment for individuals accustomed to an office environment. IT won’t be ideal for tightly knit workgroups with high interdependencies. Those investing in collaborative and conferencing technologies for the first time should work closely with leaders in those groups to design training programs that reflect the nature, timing, and business impact of critical deliverables. The goal should be to minimize disruption to the business and to account for critical steps needed to meet key deliverables dates. Ensuring that users of collaboration or conferencing systems know how to find information produced within those tools is vital, but sometimes underestimated. Senior management must step in to ensure that the technology can deliver the promised productivity benefits — even if deployed under less than ideal circumstances.
In heavily regulated industries like financial services, the mantra has been to disable or prohibit access to some of these tools and features. Banks and others have perceived them to be risky or too expensive to govern. The risk/cost/benefit ratio was not good enough. The tide has turned rapidly amid a worldwide health crisis. These same companies risk being left behind their competition, piling up the costs of an ineffective home worker, and not realizing the productivity benefits that these modern technologies provide.
Robert Cruz is senior director of information governance of Smarsh. He has more than 20 years of experience in providing thought leadership on cloud computing, information governance, discovery costs, and risk reduction.