How to manage mobile workers

New technologies are fundamentally changing the way we all work, throwing up new risks and challenges for businesses and employees. The changes are coming so fast that employers, employees and lawmakers haven’t yet entirely figured out the best way to go forward. The multiple dimensions—technology, business practices, attitudes and laws—are interconnected and so are the risks, not just within the realm of mobility but beyond.

The biggest change has come from mobile devices, such as smart phones and tablets, which allow individuals to connect, including to work, anywhere, anytime. As a result, the line between business and pleasure is blurring, while the work-life balance is pushed to the edge as employees are on call 24/7/365. Routing personal activities through corporate servers exposes both workers and employers to privacy and security issues.

“Everybody wants their company to be a good place to work, to attract good people,” says Linda Conrad, Director of Strategic Business Risk at Zurich Insurance Group. “Flexibility is very attractive to people, and mobility provides that. It gives them more control over their own time and their life.”

Only 2.6% of workers in the U.S. work primarily from home, according to Global Workplace Analytics, a consulting and research firm. However, nearly a quarter of Americans report working from home at least some of the time, according to the U.S. Bureau of Labor Statistics.

“How do we incentivize a new generation of people who expect to do everything everywhere? If you want to have a successful corporation, you need some kind of cohesiveness. It may get increasingly difficult to create a corporate culture if people never see each other,” says Ms. Conrad.

Many global organizations have long faced the challenge of inculcating values in employees spread over many locations; now they have to worry about the same task for workers who may be in the same city yet aren’t often physically present at the office. The remedy for mobile workers is the same as for those in foreign offices: regularly scheduled face-to-face gatherings, where people can get to know each other as more than a voice on a phone or a name on an email, Ms. Conrad says.

Companies also face the question of responsibility and benefits when employees are injured outside the workplace, whether while traveling or while working from home.

“It’s unlikely a company would deny a claim by an individual working from home who falls down the stairs and breaks a leg,” says Paolo Marini, Global Head of Customer Management at Zurich Insurance Group’s Global Life segment. “At the same time, the risk of abuse is certainly there.”

Technology as role-changer

At the same time, mobility is upending corporate roles and chains of command. “In a typical hierarchical office, a worker with a problem tells the boss, who would kick the problem farther upstairs, or to the relevant person in another location. Now, you talk directly to the other guy,” says Larry Collins, Vice President of E-Solutions at Zurich Insurance Group. “Information improves because the person who has the information is talking directly to the person most in need of the information. It’s as much an issue of effectiveness as it is an issue of efficiency.”

Mr. Collins—who directs his far-flung workers from Schaumburg, Illinois—recruited a team of people with 30-40 years of experience, some of who had retired, to do virtual risk assessments. Some work from home, some from an office, some a combination of the two.

“They all use technology differently,” he says. “We’re getting far more products and far better products, and freeing other staff to do difficult work. These people very much wanted to use their skills but didn’t want a full-time career again. Some have called me up to thank me. That has never happened to me before.”

It shows how while the risks are interconnected, so are the benefits. Technology shortens lines of communication and gives workers flexibility in time, location and kind of device, resulting in happy workers.

BYOD gathers pace

One key to these workers’ satisfaction was that they had the power to choose devices they felt comfortable with. A global survey last year by Gartner Inc. found half of employers will require employees to BYOD—bring your own device—to work by 2017.

“The speed at which new devices are appearing in the workplace is such that no corporation could keep up with equipping their employees with the latest technology,” Mr. Collins says. “BYOD is going to be faster and more cost-effective. If I know I have a specific kind of tablet I’m looking for and it’s going to work for me, then I’m a satisfied worker. I now have the work platform I find acceptable.”

BYOD is a double-edged sword. If you opt for BYOD to respond to the risk of fast-changing technology, you expose yourself to the related risk of not having complete control over employee-owned devices—which are connected to your network. “All the viruses, malware and inappropriate websites, if the company I’m working for isn’t prepared, all that will come with me,” he warns.

Three-fourths of mobile applications will fail security tests through next year, according to a report by Gartner. The report adds that the applications are developed with focus on usefulness, but that related security testing often is casual. It shows how difficult it is for companies to ascertain their BYOD risk, amid the multitude of applications.

Another risk connected to BYOD is network capacity. A worker plugged into the corporate network with a personal device might use both personal and business accounts simultaneously, such as a smart-phone feed that monitors the worker’s home. “All that traffic is going through the network, so the network has to be able to handle a lot more,” he says.

Organizations need to be ready with bigger pipelines for that data, he says. They also need to be aware of the latest ruses by attackers and to keep employees well-informed about how to protect themselves—and the organization—from intruders.

Data at risk

A survey last year by TEKsystems of 2,000 IT professionals found that 38% thought more than half their companies’ sensitive data is at risk and 20% thought all corporate data could be compromised because of BYOD.

BYOD puts corporate computers in the middle of a web of interconnected risks: intruders seeking entry to the corporation, hackers and thieves seeking the employee’s personal information, employee error or carelessness, inappropriate employee behavior and more.

What if an employee’s device is compromised by a virus that shuts down the corporate IT system, or an application for personal use gives a third party access to corporate networks? What if an employee’s device is lost or stolen?

Most IT departments wipe clean a compromised BYOD—but that deletes the employee’s personal data, and employers need to get the employee to sign a waiver to allow the deletion, says Route 1, a digital security and identity-management solutions company.

At the same time, once an employee leaves a company, the employer may no longer have a way to get back data stored on the BYOD.

What an organization can do in the name of cyber security and what is a violation of privacy pose two more interconnected risks. BYOD is still so new, there’s not yet legal precedent in major jurisdictions, leaving it in a gray area. As of February, there were no BYOD-specific cases at the European level, nor at the country level in France, Germany, Italy, Spain or the Netherlands. However, other privacy cases have illustrated that limits do exist on companies’ monitoring of their workers’ private email accounts. For example, a German company was fined more than €1 million for screening employee data to combat corruption and for monitoring communication sent by external e-mail accounts by employees.

Employees who take their devices on business travel abroad present another security risk. Many countries don’t have legal restrictions against technical surveillance, and “electronic eavesdropping has been reported on airlines, in hotel rooms, taxis and meeting rooms,” warns the U.S. Federal Bureau of Investigation.

The FBI recommends avoiding wi-fi networks, clearing the device’s Internet browsers after each use, and logging into your corporate network only from your organization’s own computers. It also suggests changing all passwords upon return home.

Companies use an array of techniques to protect themselves, from high security for network access, to clear corporate policies about BYOD, to use of outside vendors that promise to separate corporate information from employees’ personal data.

While companies may do their best to maintain security, the vast possibilities for attack make it hard to keep up, especially when so many flaws may seem benign. However, an attitude of “if it isn’t broken, don’t fix it” doesn’t work with BYOD. A study by Dell of customers with BYOD policies found half have suffered a security breach.

To protect themselves, companies are increasingly looking to cyber insurance. In a survey of U.S. companies late last year by Zurich and Advisen, almost 55% said they planned to buy cyber insurance in the next year, almost double the rate of the year earlier. New lines of insurance coverage are being created to keep up with the evolving risks. Cyber insurance options can include extortion, privacy liability, breach mitigation costs, consumer redress, electronic vandalism, errors and omissions liability and more.

Companies need to consider how they treat other risks in order to adjust their BYOD policies and risk management to their overall risk profile.

Downsides of always-on work

The risks from the overlap of personal and business on BYOD go beyond technology to interconnect with other areas, such as talent management.

“Many of us have tablets, smart phones or whatever, that have personal and business issues on them,” Mr. Collins adds. “Many of us put in very long hours in the office. We’re classic work integrators: we answer work email and answer personal email. Productivity is simply different.”

Some studies have found productivity is higher for employees who work from home. Cisco Systems Inc. in 2009 estimated that increased productivity by its telecommuting workers saved the company $277 million a year. One Chinese travel agency reported a 13% increase during a nine-month experiment with home-based work. The gains inspired the company to let all employees choose whether to work from home. More than half switched, and productivity rose 22%.

While it’s more productive, “some people may have trouble drawing the line. How can you ensure that you can occasionally be mentally separated from work?” Ms. Conrad asks.

“People may feel they are expected to work 24/7,” she says. “It increases the stress level. An email pops through at 8 p.m. and you may think you have to answer it right away. Before, an email at 8 o’clock would have arrived after you’d left for the day and it would have waited.”

In a survey of 1,000 U.K. workers by file-sharing company Egnyte and TLF Research, 40% of respondents said they would feel obliged to work during personal time if their employer introduced a BYOD policy.

Some companies are already taking steps to address this issue. Daimler AG lets workers set an out-of-office message telling the sender which colleague is handling their responsibilities and then deletes the email.

Companies are still working out the answers to the questions that increased mobility poses, and the task is getting harder as new devices with new capabilities go on the market, opening up more new territory in the brave new world of connectivity. A holistic approach to the interconnected risks—technological, cyber security, talent management—is key to making mobility a success.

This post first appeared on Zurich Knowledge Hub

Author: Catherine Bolgar spent 12 years as an editor at The Wall Street Journal. Since leaving the Journal two years ago to move to the South of France with her family, Bolgar has been a freelance writer.

Image: Men are silhouetted against a video screen as they pose with smartphones on May 17, 2013. REUTERS/Dado Ruvic