Is Working In the Office Old Hat?

Its technically very easy to make working from home seamless for staff. Its trickier to cover all the other bases: social interaction, employee well-being, team management and maybe an area not so often considered: legal responsibilities and possible pitfalls.

Flexible Work Arrangements. Why Do It And How?

At FooForce, we have flexible arrangements because it suits us. The technology is mature and well understood. We assessed what bits of our business could be managed from remote, and whether the systems we used would support that model. We found that some of our systems were suitable, some not. What were the differences?

  • Some systems are designed for web or remote access – which makes them work well. Some are designed for local access only – which makes them poor performers when used remotely.
  • Security needs for some systems are much higher (eg Finance) than others.
  • Some systems have high resource demands: eg they are really big or consume lots of processing. This kind tends to be hard to use from remote.

We assessed our essential business functions and listed the systems used to support those. Then we reviewed each system and had a look at how well each would continue to support our business requirements: would each system be the best fit for the organisation we planned to be in the next few years?

An example: our particular accounting system has big files and lots of data transfer. It also of course has high security needs. Because of all these factors, this system isn’t going to work well over an Internet connection. We can make the security safe, but the data transfer needs are a killer. It’s an arithmetic problem really: in the office, data zips around at 1000Mbps (Mega bits per second). Out across the Internet, it’s a very different story: if you have a typical home ADSL2+ Internet connection, and you’re lucky, you might get 15Mbps download and 2Mbps upload.

Here is a graph from Internode that shows the speeds pretty clearly:

It doesn’t matter if you aren’t up on what “Mbps” (megabit per second) really means, the massive difference between the numbers is the significant thing: the bottom line is that in the office, you will get data transfer speeds that are hundreds of times faster than anything you can get using an ADSL2+ Internet connection. So, if you try to run something big across your Internet connection, you will hate waiting for your screen to update and find the slowness unusable for lots of normal functions such as opening a word document.

The solution? Change the way you work OR change the systems you work with. That is, use web-based systems and those purpose designed to work across the Internet.

While “cloud” and mobility were not absolute essentials when FooForce was assessing systems, if a system did not have a clear road to mobile/agile, then we only kept it on if there were some hefty other advantages. Some of our essential systems turned out to be unsuited to easy mobility, “cloud” or web access or off site hosting. This was because either the technology used or the way people interact with these systems didn’t work well in a cloud/remote environment.

In the case of FooForce, we didn’t change our accounting system because:

  • The cost to change would out-weigh the benefits.
  • The number of staff using the accounting system is small, and therefore we could satisfactorily provide remote access in a different/conventional way.

For other systems, we:

  • Changed our work patterns to make better use of the mobility features.
  • Changed to different software that better matched our priorities.

Our main systems that run our day in the office: timesheets, CRM, project management, trouble ticketing, remote monitoring – are all accessible as Cloud services (in our case private cloud).

All our staff are setup to access these vital services wherever they are: on laptops, desktops, tablets even smart phones. Staff have all they need to be able to work effectively with all those systems. Mostly, that amounts to a web browser and an Internet connection. We selected the systems we use for their flexibility and accessibility.

To make working remotely easy and efficient for staff:

  • We cover the cost of a satisfactory Internet connection so the staff member is properly connected if working from home
  • We provide a FooForce VoIP phone which puts them on the office phones – no further away than dialling their extension. We even have helpdesk working like this where they are front line phone answerers.
  • We make sure they have the right setup so they can connect well with their team and do their work: Skype, email, satisfactory computer.

We find having flexible work arrangements gives staff a greater level of control and is a positive for the business as a whole. We have people working from home sometimes to suit FooForce scheduling needs, and sometimes to suit the convenience of the staff member.

Why Not Do It?

Yahoo boss Marissa Mayer banned all working from home last year and caused a bit of an uproar among staff and in the media. The memo sent to staff at Yahoo said in part:

“Some of the best decisions and insights come from hallway and cafeteria discussions, meeting new people, and impromptu team meetings. Speed and quality are often sacrificed when we work from home”

So they have all had to pack up their laptops, get out of their pyjamas and get back into the office.

Apart from social and business management, the legal implications for remote working are real. There have been various cases where employers have had costly liability claims arising from staff working from home. One example: a Telstra employee fell down her stairs at 6.00pm one evening. She had a formal arrangement to work from home, so this became a workers compensation case.

A Legal Perspective

I asked Bernie O’Donnell – an employment law expert of KP O’Donnell & Associates some questions about this. Here is what he had to say:

Does the employer need to enforce OH&S standards for employees working off site (at home, while travelling)? If so, how should this be done?

Yes, Employers do have the same responsibility for Employees whether the Employees work at the Employers premises or the Employees home. The term used in the legislation, the Work Health and Safety Act 2011, (“the Act”) is (PCBU) person conducting a business or undertaking. The duty of care owed by the PCBU arises when it directs or influences work carried out, engages or causes a worker to carry out work (even using a subcontractor) or has management control of the workplace.

A simple test you can do is ask whether you are paying the person who injures themselves during the time when the injury occurred? If the answer is yes then you are responsible.

The Act requires the PCBU to: ensure safe systems of work; a safe work environment; safe use of plant, structures and substances; that facilities are adequate; that there is notification and recording of incidents; that there is adequate information, training, instruction and supervision; that there is compliance with safe work health and safety regulations; and that there are effective systems in place for monitoring the health of workers and workplace conditions.

Are employees working from home covered by Workers Compensation?

The answer is yes they are covered by your Workers Compensation Policy when working from home.

What action does the employer need to take to cover the risks? Eg: do we have to specify that staff shouldn’t wear socks on polished timber floors?

You, the Employer must do everything that is reasonably practicable to ensure you meet the responsibilities as an Employer under the ACT. The things you must take into account are:

1. The likelihood of the hazard or risk occurring;
2. The degree of harm from the hazard or risk;
3. Knowledge about ways of eliminating or minimising the hazard or risk; and
4. The availability and suitability of ways to eliminate or minimise the risk.

What sort of conditions should the employer stipulate? Work hours? Ergonomics?

The working hours, suitable equipment, furniture and the like are all subject to the same requirements as would apply if the Employee is working at the Employers premises.

If you have any questions related to employment or other legal matters, contact KP O’Donnell & Associates, they always give good advice. I’ll be revisiting my remote working arrangements to make sure staff are safe and aware.

If your staff and your business would benefit from flexible working arrangements, talk to FooForce, we have helped lots of companies take advantage of available technology in a safe and secure way expanding the reach of their businesses.Here is an example:

The situation:

A consulting firm where the principals of the business all travel frequently, so need to be able to do business from overseas, at home, in hotel rooms. The firm had a conventional office setup with a server room, all the data and email running in-house, an office for each consultant and a small admin staff. The office space accommodated around 20 people, but on any one day it was rare for there to be more than 5 in the office.

What we did:

First, we reviewed and assessed the business functions and the systems used to support these. From there we set up a plan to get the business systems leaner and more capable of remote operation.

  • Moved suitable services to the cloud – email to Office 365, accounting to a hosted service and CRM to Salesforce – web-based.
  • Moved file storage to a data centre – out of the office to a well maintained location with excellent Internet links and guaranteed up time
  • Setup secure browser based secure access for data

The outcome:

The company was able to move to much lower cost office space – a couple of desks for admin staff, hot desks for principals when in town, a couple of meeting rooms. As there is only intermittent use, there is no need for expensive redundant Internet links. Taking into account the reduced cost of the office and Internet links, this company ended up with a substantial net saving.

A word on costs:

Cloud and hosted services are charged on a usage basis, so will increase as the company grows. These services are not cheap, and companies looking to save money by going to the cloud are mostly disappointed to find that although the initial outlay is cheaper, over time, the cost per month for every user, every gigabyte of data and RAM adds up to a substantial outlay to run a business. Add to this the absolute necessity of excellent Internet connectivity from wherever you are to access your cloud based services, and you soon realise why cost saving is not one of the main advantages businesses get from cloud services.

Remote Working Security – Business without Perimeters

In the old days, we could define and point to our business location: it was the office, the servers in the comms room, the office network, the people sitting at their desks, 9 – 5 Monday to Friday. Communication with suppliers, customers was to some extent containable, and the week had a weekend and a separation between work and private life. It hasn’t been like this for a long time now. Where and what our business is basically translates to wherever our people are.

Does all this change the Security requirements? Policy requirements? Do you teach staff how to keep their company data secure on their phones, home PCs, tablets?
Of course, having staff working from home, the beach, hotel rooms etc adds a whole layer of security questions that are sometimes just easier to ignore. Those remote workers are opening windows into your business – a path to your accounting system, your CRM, your storage your email services. Typically, business owners I talk to question security concerns because they can’t imagine what circumstances would make their data interesting to a “hacker”. In one sense, they are right: hardly anyone in the world would get value out of industrial espionage focussing on your company. And unless it is a high profile company, hacking it, taking down its website or blocking access to your corporate network is unlikely to be attractive to terrorists.

Those scenarios belong to movies and spy novels. They aren’t the main game for Internet hackers. Lets just get something cleared up: the threats to your network come not from hacker kids trying to break in or high class spies trying conducting international espionage. It far more mundane that that. The “hacker” doesn’t care about your business, is almost certainly an automated program running from a rented network of sometimes many thousands of computers. These are called botnets and they can be hired for a few dollars an hour. If you would like to read more, click here for an example from security research Dancho Danchev:

Attacks by botnets or malware are not targeted at you personally or about your business. A botnet delivers malware by doing what computers do best: endless repetitive tasks done very rapidly such as searching for unprotected computers. If it finds one, the malware can start doing its work. This work is not spying on your business confidential documents, its almost certainly something like:

  • Searching for useful things on your hard disk such as your Internet banking login details, or stored credit card details.
  • A chance to install a key logger that will wait until you access your Internet Banking site and will then record your keystrokes to pick up your login details.
  • Turn your computer into a member of the botnet by installing programs that will run unknown to you in the background so all the time your PC is connected to the Internet, it is being rented out unknown to you running services for paying customers.

The “hackers” are earning a living by stealing from you, no less than pickpockets at a railway station. Its just business – criminal business, but still business to them. Your protection is to be aware of how they work and safeguard yourself. In our world of business without perimeters, we have massively expanded the opportunities for cyber pickpockets to get hold of our stuff.

If you would like an insight into how the world of cyber criminal business works, you can download this study done by Trend Micro in 2012 is an interesting read.

What to do?

  • Use a firewall that works
  • Only use secure passwords – at least 8 characters, never a dictionary word, include non-alpha characters. Change it regularly! Seriously, its takes about one minute to crack a password that is a dictionary word or easy to guess. Have a look at this list of the 25 most common (worst) passwords from Slashdot.
  • Always use safe browsing habits!!! This is the biggest single factor:

DON’T download software except from real, reputable sites
READ the message before you click “OK”
UPDATE your browser with the latest security patches
BE SUSPICIOUS of pop ups that say an “update” is available – don’t just click on it

Be alert for changes in behaviour: is your computer running strangely slowly? Does there seem to be lots of activity (hard disk light flashing) when you aren’t doing anything?

Secure your seemingly unimportant accounts such as Amazon or Apple iStore. These can be used as stepping stones to get access to credit card details or other accounts.

If your staff and your business would benefit from secure, flexible working arrangements, talk to FooForce, we have helped lots of companies take advantage of available technology in a safe and secure way expanding the reach of their businesses. We can help you to identify and setup good practices and advise you on reducing your business risk.

Contact us for a chat about your needs:

Phone: 1300 366 367