Since early 2020, most of us have seen some fairly big changes in the workplace.
A YouGov survey in late 2020 found that, before the pandemic, almost two thirds of employees never worked from home. Post COVID-19, 57% said they wanted to be able to continue to work from home, for at least some of the time.
What is Hybrid Working?
Acas define ‘hybrid working’ as “a type of flexible working where an employee splits their time between (a) the workplace, and (b) working remotely”.
Flexible working then, is a wider term that can include reducing working hours, changing normal start or finish times or making them flexible, compressing working time in to fewer days, or job sharing, as well as where an employee does their work. Hybrid working is specifically about where the work is done.
Acas also remind employers that every employee has the statutory right to ask to work flexibly after 26 weeks’ employment service, and can make one statutory request in any twelve-month period.
On this basis alone, it could be worth considering a hybrid working approach for the medium and long term; getting the right things in place now may avoid issues, improve staff retention, and allow planning and implementation of the things that are needed to make it work.
Benefits of Hybrid Working
COVID-19 forced different working arrangements for many people, but as the legal restrictions are replaced by individual policies and practices, keep in mind that what happened before has led to different employee expectations, desires and views. It’s been proven, for many, that work can be done from home.
Employers that don’t support more flexible forms of working may risk increased employee turnover, reduced goodwill from employees, and more difficult recruitment in the future. Hybrid working approaches may become an area of competition among employers.
Employees may benefit from reduced commuting costs and time, fewer distractions during key work periods, feeling valued and trusted (which can motivate staff), and a better work-life balance.
Done well, these employee benefits can also benefit employers: higher levels of job satisfaction, reduced rates of absence, and improved productivity could be achieved.
Hybrid working can also provide other opportunities for companies, for example reducing facilities costs. When properly implemented and supported, hybrid working can mean similar benefits for employees and employers.
Whilst there may be costs in provisioning some of the technology needed for hybrid working, it’s surprising how much can be saved and ‘earned’ if the investment is in the right places, both in the short and long term.
There are a few areas to think about below, broken down in groups. Another approach that we can take is an IT Review; this is about working out where you are now, what you need, and the best way of getting there. Though this is an IT process, it’s led by the business needs.
Get in touch if you’d like to talk about this.
Background IT Processes
There are a number of general IT processes to look at to make sure hybrid working works.
Make sure staff know how to get technical support if they need it.
Delays with logging on, for example, can cause issues with servicing clients or general productivity. Let staff know how to get help, e.g., if they’re unable to access a system (including giving us a call on 01392 435803).
If people took equipment home to work, and are now bringing it back in to the workplace, settings may need to be changed.
As with passwords, you can let people know they can contact us if they have issues, to avoid any time being wasted trying to sort it out themselves.
If PCs and other devices have been turned off for a while, there’ll probably be quite a few updates to come down the line to keep the operating system and applications patched against known threats.
It might be worth getting kit turned on before it’s needed by users, and getting someone to reboot PCs once the updates are finished to avoid users being distracted.
It’s generally a good idea to have ‘automatic updates’ enabled, as there are countless security issues that can be avoided with an up-to-date system.
We can help with this; we’re here if you need us.
If you’ve had staff changes during the pandemic and working from home period, let us know and we’ll make sure the right accounts are set up, and any for people that aren’t with you any more are closed down.
This can save money (you don’t want to be paying for accounts that aren’t used), but is also good security practice.
Thinking about accounts and passwords, now might also be a good time to get people looking at our advice on passwords to improve cyber security.
Whether at home, in the normal workplace, or anywhere else, the right equipment is important in getting the best from people and from IT services. Older equipment can actually cost more in maintenance, as well as the reliability and performance concerns that can impact on productivity.
If you find that you need to replace older equipment or need more equipment (e.g., because people are going to keep a device at home when working some of their time there and some from the office), we can help.
Do bear in mind that there continues to be a shortage of certain devices so lead times may be longer; let us know what you need as soon as you can.
If the internet connection or wireless network isn’t working properly as people come back in to the workplace in greater numbers, it could cause problems.
You might also want to use your space differently. Meetings that used to be in-person might now have ‘virtual attendees’, so Wi-Fi coverage may need to improve.
Get in touch if you’d like us to have a look at your networks.
Similarly, if your printers can sometimes be a bit temperamental or they’ve gone in to a deep sleep, let us know and we’ll check them out for you.
It may be the case that users have more printing to do than usual when they attend the office. Equally, it might be helpful in some situations to provide users with printers at home, if they’ll spend a good portion of their working time there.
Providing the right equipment for users at home can make a big difference to productivity. According to a July 2020 study by Forrester, commissioned by Dell, users reporting that their monitor setup at home is not as good as it is at the office are twice as likely to be less productive.
It might be worth investing in better, or additional monitors, and things like keyboards, mice, webcams and headsets, to provide staff with the kit to be more effective when working from home.
If laptops are used, it can be quite helpful to think about docking stations too, so that monitors, the keyboard and mouse, and often other USB devices, can be connected to a single device that the laptop then connects to.
There are some technologies that are important in ensuring that hybrid working is efficient and effective; technologies that enable the business to grow through hybrid working, and protect itself from risks.
An older telephone system can make it difficult to manage calls effectivity across different locations, let alone when staff might be at their phone (with a DDI) for part of the week, and at home for the other part, with a mobile phone.
Today’s phone systems include lots of features that really help with hybrid working, including:
- Apps: replicate an office handset on a mobile phone (whether it’s a company one or a personal one), and use the Wi-Fi and broadband connection rather than the minutes or data allocation. It doesn’t matter whether the user is in the office or at home; people can reach them on the same number.
- Soft phones: with a soft phone, a laptop or PC becomes an extension (like an app on a smartphone).
- Voicemail: get voicemail sent as an email, or even transcribed. There’s no need to visit a physical handset to pick up voicemail.
- Conferencing: audio conference and web or video conference features provide a way of hosting multiple participants on a call.
Its worth bearing in mind too that PSTN and ISDN lines won’t be available in the near future, as the ‘traditional’ national phone network is being closed down. In 2025 Openreach, the network part of BT, will be switching it off and work has been underway for some time, and continues, to move everyone (businesses and homes) to digital, ‘IP-based’ voice services.
If you’re using an older phone system, or you still have PSTN or ISDN lines, it is probably worth us discussion options; you will probably be able to access better features to support hybrid working, and save money, as well as bring in new technology to future-proof your business against digital changeover.
Enabling remote access to business systems from home is often crucial to working from home effectively. Even though a lot of data can be stored in the cloud (e.g., Microsoft 365 with OneDrive and SharePoint), there are still a lot of applications that run locally.
There are several ways this can be done:
- A Virtual Private Network (VPN) can be used to create a ‘connection’ between home and work.
- Remote Desktop Protocol (RDP) can be set up to allow access to the ‘desktop’ of a work device from home (though have a look at our security advice about this below).
- A purpose-built solution like Splashtop can be implemented to create a quick, secure and reliable way of accessing work devices from home, or anywhere else with an internet connection.
Broadband services were vital to businesses before the Coronavirus pandemic, and are even more so now; many companies will have some staff in the ‘normal’ workplace and others at home, and a need to connect them all together, and with suppliers and customers too.
As we said back in May 2020, the number of homes with access to gigabit broadband is growing fast. Providing good quality connections to key staff at home, with the necessary security and business features, helps to improve productivity and ensure important work gets done, and could save money.
Your business premises might be worth looking at as well. With the investments being made in the UK telecommunications infrastructure, more solutions are becoming available and the competition in the market means there are often better prices to be found now than were available even two years ago. With home workers connecting to access systems and data, it’s important your main business connections are of sufficient size and quality.
Not the most exciting area, but absolutely essential. It’s number one on the ICO ‘11 practical ways to keep your IT systems safe and secure’ list.
In a hybrid working scenario, there might be data in homes, as well as at the workplace and in the cloud.
We’ve created a ‘Detailed Guide to Backup’ that sets out the different options and provides tips on effective backup processes.
When people are geographically spread out rather than all being in the same room, communications will change. Products like Teams and Zoom have become so common they’ve become generic terms (e.g., “I’ll set up a Zoom”), and the number of Teams users grew by 575%, from about 20 million before the pandemic to 115 million in October 2020. The phone, too, has been used for quick conversations between people that may have been face-to-face before.
Email, despite collaboration services, social media etc. has remained the de facto system for business communications. They are quick, convenient, and support attachments. They’re ubiquitous too: everyone uses email.
That, unfortunately, makes email a common target for cyber attacks. In the Cisco Cyber Security Threat Trends 2021 report, phishing attacks were found to be related to 90% of data breaches.
Also called ‘CEO Fraud’, in 2017 the FBI stated there had been a 1,300% increase in ‘business email compromise’ since January 2015.
Making sure email security is up to scratch really is worth the time and money, with the average cost of cyber security breaches estimated to be £3,230 (rising to £5,220 for medium/large firms).
Security needs consideration as part of a hybrid working plan. The IBM and the Ponemon Institute Cost of a Data Breach Report 2021 found that there had been a 10% increase in the average total cost of a breach (the largest annual increase in the last seven years), and the average cost was over $1 million higher where remote work was a factor in causing the breach.
With hybrid working, the network can swell as devices move from desks in the office to desks at home.
In the workplace, data and devices might generally sit behind a firewall, on a business broadband connection, with consistent protection from threats. In a hybrid working scenario, people may be using their home broadband services to connect to the business network, and may even be using their own devices.
This can create easier entry points for attackers. As we wrote back in May 2021, millions of home routers are vulnerable to cyber attack due to older software that hasn’t been updated, or default passwords being in use.
Things like Wi-Fi encryption standards and remote admin access to routers are also risks that can often be managed relatively easily.
As we said above in the ‘Key Systems’ section, remote access to systems and data is likely to be an important part of hybrid working. Indeed, there might be an approach in place that has supported access from home since the first COVID-19 lockdowns.
However, whilst solutions may be operational, many have created security holes that need to be looked at.
If Remote Desktop Protocol (RDP) is used, it is worth having a look at our guidance on using RDP securely.
Many of our clients are using a purpose-built solution called Splashtop, that has strong encryption built in.
Hybrid working, and particularly ‘bring your own device’ (BYOD), can create some data protection questions; the ICO even has a ‘working from home’ page with advice, which we’ve distilled below:
- Data protection policies apply to hybrid working in the same way as they do in the normal workplace.
- Multi-factor Authentication (MFA) helps to protect users and systems from cyber attacks. Think IT has an MFA solution called Duo, from Cisco.
- If staff are using their own devices to access company services, business data should be kept separate from their personal data.
- Where BYOD is employed, keeping software on devices up to date and ensuring anti-malware products are in place and are effective can be more difficult.
- Encryption of data is more important than ever, as there are an increasing number of ‘leak points’ with a hybrid working model.
Good security isn’t just about technology; the best technological defences can be bypassed if people don’t do their bit too. Using weak passwords, opening phishing emails, and not updating software are all common causes of security incidents and data breaches.
Security awareness training is a good way of improving this. By helping staff to understand the risks and the (usually simple) steps they can take to avoid them, the overall security posture can be strengthened.
At Think IT we have a security awareness training service that engages people by providing guidance that is helpful at home as well as at work, and includes things they can pass on to others. We can deliver training online, in person, or in a ‘hybrid working’ approach. Just get in touch with us if you want to find out more.
Accounts and Passwords
Already mentioned earlier, but important enough to be included twice!
We’ve got a detailed guide to passwords, which we’d highly recommend looking at.
Also, the type of account used is very important. US security firm BeyondTrust found in 2020 that enforcing the principle of ‘least privilege’ and removing admin rights meant that 56% of ‘Critical’ Microsoft vulnerabilities were mitigated. For some, there are genuine reasons why an ‘admin account’ would be needed, so we recommend having a ‘normal user’ account (which is used most of the time) as well.
There’s quite a lot to think about, then, with hybrid working, but the potential benefits make that thought process worthwhile. If we can help, or if you want to talk about any of the areas covered in here, just get in touch with us.