Zoom. Slack. Hangouts. If you hadn’t heard about these remote productivity tools and others on the market before, you most certainly have by now.
Organizations and employees around the globe have adopted these tools at a staggering pace over the past few months. Out of necessity, organizations have expedited established procurement and IT adoption practices in favour of lowering the barriers to remote working and maintaining continuity of client and customer service.
With the dust starting to settle, now is a good time to develop a strategy to mitigate the risks associated with widespread use of these tools and outline which of these tools, if any, ought to be adopted for the long term. The strategy should include the following steps:
1. The PSA*
If you haven’t already, provide employees with tips, tricks and best practices for the tools that they use. Likely, in the short term, most remote workers will continue to use the tools they have become familiar with to support their day to day work. A PSA will help mitigate the risk of cyberattack or unintentional disclosures of confidential, personal or sensitive information.
For example, encourage the use of security features built into these applications (no one appreciates being Zoombombed) and how to avoid storing confidential, personal or sensitive information in the tools.
*public service announcement
2. The Audit
To get a handle on the risks facing your organization, you’ll need to identify which remote tools are actually being used. Unfortunately, this will not be as easy as it sounds.
Relying on IT systems that block unauthorized downloads won’t be as effective as it once was, as many applications can be accessed through web browsers without installing software on a local computer. As a result, your IT department and leadership will need to get creative to identify all applications used by employees. Consider using anonymous polls and other informal methods to get a handle on what tools are in use.
As tools are identified, a legal review of the application’s terms and conditions should help you assess the risks posed to your organization. For example, many free trials for applications are for “personal” use only. If the vendor becomes aware of any business use of their software within your organization, you may be on the hook to pay fees for that unlicensed use. You should also determine where your data is located, who owns it and whether you are able to retrieve it once the application is no longer being used.
3. The Transition
This pandemic has shown us the efficacy of remote working tools and demonstrated that even the most traditional workplaces—ahem, law firms—can exist and function virtually. And even though physical distancing and other restrictions will eventually be lifted and allow employees to return to the office, remote working will likely remain commonplace and be expected by the next generation of employees.
Your organization should start identifying enterprise versions of available remote working tools that meet your organizational needs. In many cases, enterprise versions of these tools have enhanced features and functionality, paired with more robust security protections.
Once you’ve identified key features and functionality, consider whether the vendor’s legal terms satisfy your requirements, with an emphasis on their privacy and security practices, where your data is stored and with whom it is shared. Although most vendors in this space expressly state that they don’t sell your information, that doesn’t mean that they don’t share it with others. You should be aware of how your data is used to ensure that your organization still complies with local privacy and data protection laws, as well as your commitments to clients and customers.
4. The Clean-up
Once you’ve settled on your enterprise tools, the next step is to promote its adoption over the tools people have gravitated toward by preference or necessity. This should start with a program to transition your employees to those enterprise-approved tools, through training and other initiatives that lower the barriers to adoption.
As the new tools are rolled out, your organization should tidy up the remaining loose ends from tools no longer in use, retrieving and/or deleting data and closing any lingering accounts. As your employees may have set up these accounts in their own name, you will likely need their assistance to complete this process.
The shift to remote work over the past months has demonstrated the flexibility of modern work life, though that transition was not without hitches. With a little planning and foresight, your organization now has the opportunity to implement lasting and resilient enterprise remote work solutions that meet your legal obligations, organizational needs, and the expectations of your clients and customers.
