Workload and Application Security Blog

Most Employees Would Enjoy Working from Home (WFH) Long Term

Written by Virsec Systems | Jun 29, 2020 6:04:05 PM

Living through a pandemic is fraught with difficulty, but one thing is clear. For people fortunate enough to have the option of working from home, that is something they do like, at least a good portion of the time.

Source: https://lp.buffer.com/state-of-remote-work-2020

And it appears it works for quite a few companies too. Working from home as a permanent practice policy is likely here to stay for companies after the pandemic, at least to a greater degree than it used to be. A recent Pulse Secure study showed 84% of businesses said they would continue with remote working and planned to adopt a long-term arrangement after COVID-19. This is true despite quite a few companies – 70% of IT professionals - have expressed security concerns surrounding remote working.

COVID-19 certainly made working from home (WFH) more prevalent, born out of necessity. Sixty-three percent of organizations reported up to 25% of their employees were working remotely or at home before the pandemic. Now, during the pandemic, three quarters of those same organizations say 75+% of their employees now work from home.

Source: https://lp.buffer.com/state-of-remote-work-2020

While many businesses admitted they weren’t ready for so much of their staff to work remotely, over half said they were able to develop a functional system. Fifty-four percent said they were able to fully support their offsite workforce in a week or less. 

Some Companies Are On Board with WFH

Whether employers like this phenomenon in progress depends on the employer. If you happen to work for the tweeting little blue bird, you’re home free, or free to work from home, permanently. Twitter’s CEO, Jack Dorsey, told his employees on May 12 that they could continue working from home forever.

Dorsey said, “We were uniquely positioned to respond quickly and allow folks to work from home given our emphasis on decentralization and supporting a distributed workforce capable of working from anywhere. The past few months have proven we can make that work. So if our employees are in a role and situation that enables them to work from home and they want to continue to do so forever, we will make that happen.”

A few others have joined that unique list, including Facebook, Shopify, Coinbase, Square, Upwork. Others have extended the work-from-home timeframe until Fall 2020 or into 2021, including Amazon, Box, Google, PayPal, Salesforce and Zillow.

Working from Home Should Be More Chill, Right? Not!

Many companies have allowed telecommuting at least temporarily. You would think working from home, avoiding commutes, and being in the comfort of your own home office would be less stressful and more relaxed. For some, it is. For other employees, not even close. Instead, it has brought higher levels of stress than being at the office while also coming at the price of invasion of privacy.

Employers, especially SMBs, have expressed concern about losing productivity when they can’t see what their employees are doing. To address this concern, a lot of companies have adopted monitoring software, sometimes dubbed as “tattleware.”

Employees are finding themselves under the watchful eye of employee monitoring apps. According to a Gallup poll, nearly two thirds of Americans have concerns about employers using such monitoring technology.

Big Brother Spying Is Causing Stress

A surge of surveillance products emerged this year, mostly from private companies. This makes tracking their usage difficult as they don’t have to disclose the information. But the rate of adopting monitoring software since COVID-19 has gone way up, higher than ever before.

Monitoring software has been around a long time. An early use was truck drivers where sensors kept track of drivers’ locations and speeds to ensure speed limit driving and proper routes were followed. But some of these computer monitoring software – tattleware – present a different level of monitoring that can seem over the top. Monitoring employees in this fashion has created stress and in some cases, led to people being fired if their performance is deemed substandard.

Surveillance software ranges from tracking hours to being highly invasive, to the degree of snapping photos at set intervals to make sure employees are at their computers. Some products track keyboard and monitor activities, which raise questions about employees’ personal information that may be on the screen. Such as, if employees perform online banking, open medical records, do online shopping or any number of personal activities.

NPR reported an e-commerce worker’s experience. After working from home for a couple weeks, she was asked to install Hubstaff on her computer. Hubstaff was to begin tracking her mouse and keyboard movements and keep a record of webpages visited. The employee revealed emails from her company that showed her employer felt this would enhance productivity and efficiency.

One software, Teramind, like others, can be installed without the employee’s knowledge. Teramind gives the employer the means to monitor emails, apps, IMs, social media, keystrokes and so on. Another, InterGuard, enables screen captures and recording of activity on employee machines.

Employers have expressed wanting to be sure the employee started and stopped at the hours claimed, and was actually using basic work applications like Word, Excel and so on. But monitoring software may not stop its monitoring with the end of a traditional workday, but may continue 24x7. With virtual meetings, which can be mandatory, an employee’s home and possibly family members may end up being captured on camera.

Privacy and Security a Real Concern

It might be safer health-wise to work from home to avoid exposure to COVID-19 but it may not be safer for people’s data to be doing so. One can understand a company’s need to ensure productivity and efficiency when their workforce is distributed across the state, country and the world.

But that opens the door to the employer potentially gaining access to much more than work-related information. Employee monitoring software can too easily allow access to personal information. The right to privacy still remains – and that becomes challenging when the workplace is no longer the employer’s building, but the employee’s home. Employers have a right to ensure employees follow work guidelines, but there could be problems if that monitoring exposes sensitive private information.

Data privacy laws differ in different states. California has the strictest law that protects privacy. No federal laws provide a guiding principle for the country.

Another security problem comes from the business side but also affects the employees’ data. Businesses have expressed difficulty supporting the growing need for VPN and remote connections. Employees working from home need secure, reliable connections, preferably with authentication to confirm each user. Lackings in these areas open doors for security breaches.

Additionally, security in place in the office for networks is likely less robust on personal computers and other endpoints, though those same devices continue to access the corporate network.

During this Coronavirus period, numerous threats have circulated, including phishing and adware attacks. In March alone, these types of attacks increased 4,500%. Barracuda tracked 467,825 phishing attacks from March 1 to March 23, with greater than 9,000 of those being COVID-19 related.

How Might Office Environments Be Different Going Forward?

No one can predict when the country or the world will be able to get back to normal, or what normal might look like. It will likely be very different from what we’re used to. Desks could be much farther apart, number of persons in reception areas or meeting rooms limited to 2 or 3 at a time. Plexiglass will abound, placards on the floor indicating where people should stand in separated fashion, or arrows directly flows of traffic to the restrooms. Buttons installed to open doors automatically for no-touch access. New rules applied for group printers, copiers, vending machines.

Whether adjusting to changes in the office or out, employers need to be aware of employees’ needs on all fronts – from the physical to the emotional and psychological. Finding ways to support and facilitate productivity will likely be better received than an hyper vigilant focus on measuring means and methods. Not to mention, foster a friendlier, less paranoia-inducing environment.

Enhancing security for equipment and applications is also a must. Guarding the two most important assets a company has – its employees and its data –is paramount. Learn more in the Resources section below.

Further resources:

Mental Health Awareness Month Highlights Struggles of Working from Home During Pandemic

Zoom's biggest challenge isn't just fixing its security blunders — it's doing so while maintaining what makes it so popular in the first place

2-Minute Virsec Story

New Malware Hides Inside Rogue Virtual Machines

Enabling Cyber Resilience During COVID-19 Crisis

Inside Security: Weekly Webcast Series from Virsec

https://virsec.com/security-from-the-inside-new-weekly-podcast-series-from-virsec/

 

Sources

Pulse Secure report

https://techcrunch.com/2020/05/12/twitter-says-staff-can-continue-working-from-home-permanently/

https://github.com/arjunmadgavkar/Newly-Remote-Companies/blob/master/List.md

https://abcnews.go.com/US/employee-monitoring-extends-workers-homes-health-civil-rights/story?id=70665085

https://www.techrepublic.com/resource-library/downloads/life-after-lockdown-your-office-job-will-never-be-the-same-here-s-what-to-expect-cover-story-pdf/

https://www.npr.org/2020/05/13/854014403/your-boss-is-watching-you-work-from-home-boom-leads-to-more-surveillance

https://www.securitymagazine.com/articles/92157-coronavirus-related-spear-phishing-attacks-see-667-increase-in-march-2020