SearchInform has conducted a research on companies’ experience in shifting to remote work and keeping business processes going.
The analysis demonstrates the approach to overcoming current obstacles and gives statistics on how businesses have already been impacted by taking urgent measures.
Some results show a considerable discrepancy and some make the companies concur.
Businesses tend to move only those employees who can work remotely, monitor workers by making calls and receiving daily reports from them instead of controlling remote teams with the help of time tracking software or DLP systems. The research emphasises that many companies are of the opinion that the number of internal and external incidents remained the same, whereas some claim that internal violations became less frequent while external attacks became more aggressive.
The majority of businesses saw the change in the amount of working hours, the answers were distributed almost equally by those who said the workday became longer and those who admitted that employees worked fewer hours after the company went remote. 1/3 of respondents noticed a drop in performance.
The research points out that almost half of the employers do not control their remote teams.
Moving to remote
56% of the respondents preferred to ask only those employees to work from home who can work remotely. Almost 41% decided on moving all staff to remote work. About 2% couldn’t relocate the workflow outside the office, whereas only 1% say that their business processes still aren’t moved as it seems impractical to make such a change.
Remote employee monitoring
42% of the companies do not control their remote workers’ activity. 39% of the survey participants make calls during work hours and require that each employee writes a report listing completed tasks. 16% monitor employees and data transfer with the help of DLP systems, and 10% opt for controlling discipline with the help of time tracking software. A number of the companies chose to combine the methods of controlling employees working from home.
Has the number of internal/external incident increased after the company went remote?
The majority of the businesses went with “I don’t know” answer — 38% couldn’t give the response about being aware of internal breaches, and 41% of the companies’ representatives had no information on any external cyberattacks whether their assets and data got affected during the massive relocation arrangement.
As for the internal violations, 33% claimed the number remained the same, 18% asserted that the amount of internal incidents actually decreased, whereas 11% stated that there appeared to be less internal errors or fraudulent actions after shifting to remote.
As regards external incidents, 30% affirm nothing has changed, 7% notice the decrease in cyberattacks, and 22% of the companies inform us about the growth of phishing, hacks or any other external violations.
The amount of working hours has dropped, according to 32% of respondents. 30% emphasised that the duration of a workday actually increased after companies moved their teams to work from home. 28% of participants managed to keep the same mode of operating.
The performance quality seems to be worse in opinion of 34% of the companies. Anyway, 22% claim that the workers became more productive and focused. 25% believe the level went neither up nor down, and 23% are not informed on this.
Information security while working at home
How safe is it to work remotely? Almost 1/3 of respondents put the safety of home as a workplace somewhere in the middle between “completely safe” and “totally unprotected”. 7% think that security of working outside the office can be easily ensured, and the same number of companies would disagree claiming that their businesses can be as easily endangered by moving the processes outside the corporate perimeter. About 40% of the companies would give it 7,5 out of 10 (where 10 is “completely safe”) regarding the security of communication between a company and a remote employee.
How costly is it to go remote? Is it convenient for business processes and does it require efforts?
Only 3% of companies don’t see any financial issues in going remote, 19% consider that it may cause some expenses or may not, depending on many other circumstances — some might have already purchased the monitoring system before and don’t need to buy new instruments, some might see their income go down significantly as remote work is simply inefficient or not suitable for them. More than a half — 64% — are sure that going remote doesn’t impose extra costs.
58% of all the surveyed say that remote work is workflow-friendly and doesn’t interfere with a regular workday performance routine and result in general.
As for the efforts, nearly 1/3 think that the need to connect remotely might cause moderate problems but can’t be a trouble. 56% state that efforts are unavoidable and many tasks must be solved.
Adaptation: how do employees feel in such a situation?
Companies are convinced that employees are quite adaptable to working remotely — 43% give it from 7 to 10 out of 10 (where 10 is “absolutely adaptable”), 29% are halfway there giving 5 or 6, whereas 12% of respondents doubt that a team can enjoy the change and maintain the level of productivity.
VPN issues, the Internet connection, user activity monitoring, software and hardware installation control as well as the new requirements which employees had to face were mentioned by the companies and appeared to be among the popular problems to deal with when going remote.
“An emergency transition to remote work is a potentially negative process regarding data security and IT infrastructure. Those companies which have already implemented the elements of the remote format did well, and the obstacles might have been only about the scope of the problem. For the rest, moving the workflow caused difficulties — there were no resources to remodel regular processes promptly. I am glad that many companies appeared to be able to cope with the adaptation,” Alexey Parfentiev, leading analyst at SearchInform — developer of cyber threat mitigation solution, comments. “The situation with human resources, information and economic security is much worse — issues have faded into the background. This explains why a large number of companies have no understanding at all whether there were incidents after shifting to remote. Some said that the number of violations remained unchanged, because there is nothing to count — there are no control mechanisms. Security issues aren’t of primary importance for businesses right now for obvious reasons, but the situation will surface when the number of incidents grows: an increase in the number of violations, susceptibility to social engineering attacks, BEC attacks. Therefore, companies will have to rethink their business processes in terms of security.”
The respondents represent a wide range of industries, including IT, risk management and compliance, information security, banking and financial services, government, oil and gas, telecommunications, entertainment, manufacture, consulting.
We have received the opinion from small, medium and large businesses — 57% of respondents have 1–100 staff members, 25% — 100–500, 16% — 500–3000 and 2% — more than 3000 employees.