Tag: Data Security

Categories
Blog Workplace Thought Leadership

Impacts of Remote Work: Five Hidden Costs Employers May Overlook 

iStock-1031398222.jpg

By Pat Clark
Chief Financial Officer
SpaceIQ

Many states have begun loosening restrictions as the COVID-19 pandemic wanes. Employers are now grappling with the decision of what the future of their offices will look like – and how much it will cost to adapt to a new business normal.

In the past year, companies observed how remote work impacted their internal operations, employee productivity, and overall business performance. Now, when paired with a practical cost/benefit plan, these observations can help companies determine the best path forward: bring all employees back, go with an all-remote workforce, or create a hybrid of the two.

Understanding employees’ workplace needs

Our employees’ well-being has always been a priority, regardless of the pandemic. As we look at transition plans, understanding employee needs and maximizing their engagement is at the forefront of our decision-making. For some SpaceIQ employees, a work-from-home setup is a dream. Others are counting down the days until they can return to a physical office. Many fall somewhere in between – hoping for flexible options to alternate working remotely and in a physical office space.

Managing expectations for a return-to-work plan should be No. 1 for companies seeking to ensure the safety of their employees. Globally, employees have shown that remote work is viable and even preferable for productivity and engagement. Of the estimated 48 million full-time employees in the U.S. who hold a remote-work-compatible job, 82 percent say they would like to work remotely at least weekly. The challenge lies in developing a budget-appropriate plan that offers opportunities to work remotely while resuming uninterrupted operations in a physical office.

Five hidden costs of remote work

Companies often overlook the hidden costs of remote work that should be addressed when considering a work-from-home or hybrid environment. Additionally, these costs can increase with the fiscal requirements of maintaining a physical location.

1. Developing a centralized network infrastructure

Beyond the use of laptops, cables, and monitors, office technology harbors additional costs for communication. Using platforms such as Slack or Microsoft Teams has become more critical than ever for businesses that have reduced face-to-face interactions. Companies that continue to leverage these platforms need to consider the maintenance and security of their network infrastructure.

2. Understanding the soft and hard costs

Nurturing an internal culture with remote workers is critical for employee engagement. The hard costs of remote work are easily calculable, but soft costs surrounding employee connection, team-building activities, or all-hands meetings may be more challenging to pinpoint. Remote work will require additional effort to keep employees connected. For example, our Human Resources and Marketing teams collaborated and coordinated a global gift distribution for employees in Q4 2020. SpaceIQ CMO Nai Kanell led the effort and explained, “It was no small feat and expensive, but it was worth every penny. We want people to know personally, ‘Hey, we’re one team working together regardless of location. We care about you.’”

3. Maintaining data integrity and security after turnover

Data integrity is a critical issue for virtually every company.  One data loss survey conducted by TechRepublic indicated that 95% of the participating organizations say they suffered data loss in 2020. Remote work has led to an increased reliance on email, which increases the potential of unintentional sharing of sensitive information. Moreover, 60% of survey participants reported working in a shared home office or communal spaces where distractions are unavoidable. In addition to confidentiality concerns, distracted employees are more likely to make errors that result in the loss of sensitive company and/or customer data. Increasing employees’ focus on the criticality of maintaining data security through on-going communication and training is critical.

Additionally, companies need to plan well in advance regarding how they will protect their confidential data when employees leave the company. When an employee leaves an organization, companies should take immediate action to collect equipment and protect sensitive information. Many companies choose centralized system control to enable immediate termination of employees’ access to confidential information and company applications, reducing the likelihood of data loss.

4. Budgeting for the costs associated with relocating employees

Many employees chose to relocate during the pandemic.  It is critical that employers know where employees are moving to ensure that the company is not unknowingly becoming liable for income taxes, property taxes, and employment taxes in new states.  Also, where employees choose to live could impact their tax bill if it is somewhere other than where they were working before the pandemic.  Employers and employees should expect that depleted state budgets might prompt states to go on the offensive when it comes to collecting tax revenue from employers and their  employees working remotely, even if it is only temporary. Generally, under the federal Fair Labor Standards Act (FLSA), employers are not required to reimburse employees for work-related expenses incurred working remotely. Even if your state does not require your company to foot the bill for remote work expenses, companies may want to offer reimbursement for the cost of internet, ergonomic equipment, or technology purchases. These can be marketed as company perks but will add to the bottom-line impact of supporting remote work.

5. Adapting operations for geography

For managers with teams now in multiple time zones, shuffling meeting times and juggling schedules is part of the reality of a geographically dispersed team. The amount of time it takes to coordinate moments for team collaboration can place an additional strain on managers who are already struggling to meet day-to-day demands, develop team culture, and adhere to company-wide policies. Organizations that rely on managers to balance these different facets of remote work should be aware of burnout and turnover that may affect their leadership teams.

Remote work options also is pushing many employees to relocate to new cities and countries. A 2020 DSJ Global survey revealed 69% of those polled would move to a different location for a better job. This choice can create complex issues for employers. Business registration in multiple states or countries can be costly and time-consuming. Local tax and labor laws aren’t consistent across borders. Unemployment and workers’ compensation insurance coverage typically is governed by the state where the employee works, not where the company is headquartered. If your business covers relocation expenses, plan to spend upward of $97,000 for current employees and $72,000 for new hires.

Additionally, recruitment is another element that may require additional investment. Kanell says, “We are spending a lot more money on recruiting than we did in the past. We also need to be more flexible in terms of where people can work from. This flexibility entails business registration in the multiple states where we have found top talent to join our team.” Going through the registration process requires administrative costs and time, along with gaining an understanding of the local pay rates for that talent.

Remote work and the agile office

Regardless of the framework businesses choose, remote work has evolved from a loose trend to commonly sought benefit by employees. The post-COVID workplace will be focused on longer term, agile workplace development. Last year has shown us that more companies are going to be embracing a hybrid structure versus the “normal” office that so many of us have grown accustomed to. There is no “normal.”

The benefits of having a remote structure and the need for recognizing the potential additional costs are clearly present, but we also have to remember: It’s not all or nothing. Employers are considering the productivity benefits of staying remote while also understanding the need to keep employees safe in a collaborative, in-person environment.

Companies can embrace better workplace agility by understanding both the financial costs and the employee productivity and job satisfaction implications of remote work.

Keep reading: Boost Team Collaboration with 10 Remote Working Tools

Categories
Workplace Thought Leadership

Strategies to Safeguard Workplace Data

By Noam Livnat
Chief Product & Innovation Officer
SpaceIQ

Who would have thought, only a few years ago, that workplace managers would have to worry about battling cyberattacks and corporate sabotage. Data is now integral to every facet of your business, which means there’s more of it to protect, in more places, than ever before. It’s imperative to protect your systems and data against malicious hackers, information theft, and even accidental leaks. To mitigate this risk, business leaders must implement best practices for data security and evaluate third-party vendors for privacy compliance.

How Vulnerable is Your Workplace Data?

While the financial and healthcare sectors are often primary targets for hackers, the information that can be gained from corporate and customer data is astonishing. Businesses of any size and industry are tempting targets because they collect and analyze vast quantities of data that can be used for monetary gain.

Because data touches virtually every corner of your operations, addressing data security goes well beyond email. Even your IoT-enabled building equipment, such as smart thermostats, IP security cameras, and automation software, is at risk. Legacy systems, as well as the latest generation of apps, require layers of data protection. Otherwise, these digital tools can be turned into an attack vector that hackers exploit for system access.

Once inside, cybercriminals can mine your data for trade secrets, commit identity theft, or leak information to competitors. Sensitive information that is susceptible to attacks includes:

  • Workforce: Head count, payroll, and staffing forecasts are prime targets. Even access to an employee directory can be tempting to headhunters looking to poach your talent or for even less scrupulous actors trying to “spear phish” or use social engineering against your employees.
  • Financial: Operational costs, leases, growth projections, loans, transactions, customer lists, sales numbers, and vendor contracts are vulnerable data sets. Imagine what a competitor could do after peeking at how much your customers pay you or your pricing models.
  • Privacy: Records containing birthdates, compensation, Social Security numbers, home addresses, cell phone numbers, and dependent info are always at risk as they can be used to conduct identity theft or financial fraud. And don’t forget bank account numbers used for direct deposit.
  • Location: Because workplace violence takes many forms, data generated from badging, WiFi, conference room or desk reservations, seating charts, and other sensor data should be protected.

The good news is that your IT security managers have vast resources at their disposal to safeguard data. For example, data loss prevention (DLP) tools can flag a potential breach from an insider threat, cyberattack, or negligent exposure. A virtual private network (VPN) can protect your remote or traveling employees internet usage from prying eyes.

Such measures should stem from a comprehensive data security governance framework (DSGF) that assesses risk and ensures proposed controls will satisfy business objectives. DSGF is listed by Gartner®, a research and advisory firm, as one of the top security and risk management trends for 2019.

Take extra precaution to ensure your DSGF extends to all cloud-based software and third-party applications. With the proliferation of software as a service (SaaS), businesses are externally sharing a wider range of sensitive data. It’s critical to hold vendors accountable for data security.

Privacy Compliance and External Vendors

Before engaging vendors, you should ask new and existing third-party software providers one question: “How will you handle and protect our data?” You wouldn’t hire a building management company without asking about their service policies—extend this same due diligence to any digital vendors. Here are best practices to protect your workplace data and vet data processors for security governance:

  • Limit Access: Don’t give an external vendor carte blanche access to your data. Take a minimalistic approach and only provide access to what is necessary for them to deliver expected outcomes. For example, SpaceIQ needs a person’s name, email, title, and department, but we don’t need to know Social Security numbers or birthdates for them to use our platform. While this information is housed in the same HR system, we need access to just a small portion of an employee’s profile. Work with your vendors to pull only the data that is fundamentally integral to executing their processes.
  • Request SOC or GDPR: Industry audits, reports, and certificates are a great way to evaluate the safety and security of a vendor. Voluntary third-party verification programs such as SOC 2, Privacy Shield, or ISO 27001, help evaluate the trustworthiness of a company. While these are optional, GDPR and California’s Consumer’s Privacy Act are laws that may apply to you and your vendors. If a software provider carries any of the aforementioned certifications, ask to review their documentation and note any expiration dates.
  • Include a DPA: A data processing agreement (DPA) is a legal obligation that specifies what a vendor is allowed to do with your data. More importantly, it can also stipulate what they are not allowed to do. A DPA ensures that the data processor guarantees it will protect your records and what its contractual responsibilities are in the event of a breach.

Whenever you share data outside your organization, it’s necessary to balance convenience with security. The key to finding equilibrium is to ask: “How do I minimize the risk of allowing a vendor to access my data without sacrificing the rewards and benefits their services offer?” Controlling not only who has permission to use your data but how much they can access is the first step.