daniilvolkov - stock.adobe.com
Balancing remote work privacy vs. productivity monitoring
Weighing employee productivity monitoring against remote workers' privacy is a serious issue that requires protecting personal and corporate data and setting the right policies.
While the hybrid work model remains a work in progress, it is clear that some degree of work from home is here to stay. Not everyone is cut out to work this way, however, and IT leaders must address a variety of challenges to make home-based work viable.
One particular challenge is the need to maintain productivity. For home-based workers, this can involve the use of monitoring tools and AI-driven performance analytics. Many of these capabilities are new, and to be effective, IT leaders must strike a balance between using them to manage productivity and not crossing lines around privacy.
As technology becomes more pervasive, privacy issues are becoming increasingly complex. This isn't only because monitoring tools are now so powerful, but also because of unintended consequences when adopting new behaviors. Work from home is a prime example. This article examines the key remote work privacy pitfalls IT leaders must try to avoid, along with approaches to mitigate them.
3 remote work privacy pitfalls
1. Exposing personal and family private information to an employer
For employees living alone, privacy risks may be minimal, but they still exist. Unless personal and work activity are entirely segregated, privacy lines can be crossed in several scenarios. This is especially true if workers are using common platforms, such as contact directories, email and file storage.
The more staffers are working from home, the greater the chance that work and personal activity overlap inadvertently. This privacy concern can impact both parties equally. First, personal information could end up being shared with the organization or even customers. In the opposite scenario, employees could end up sending sensitive business information to personal contacts by accident, which would be a breach of corporate privacy.
For the scenario above, privacy risks could be further compounded when others in the same household share a broadband connection. This is a common scenario for many employees, and whether it be spouses, children or roommates, each represents another touchpoint where personal data could be shared unintentionally or accessed by outside parties.
This pitfall pertains to data and identity privacy, where risks can be great if bad actors are involved.
2. Exposing private living spaces for all to see through video
Video exposure is a different form of privacy breach that largely falls into the realm of unintended consequences. Video exposes the personal space of home-based workers. While the data risks are low -- but not zero -- it is a privacy concern nonetheless.
Video was arguably the most important technology for businesses during the COVID-19 pandemic, as it was the right tool at the right time to make work from home manageable. The visual element enabled these employees to connect with office-based workers and other remote workers in ways that telephony or audio conferencing could not.
High adoption of video usage has given rise to all kinds of new behaviors, as home-based workers try to maintain professional decorum. For most workers, however, being at home is a new way of working, and many may not have dedicated office space. This is even more problematic for people living in small quarters, with others often present in the background. By having to adapt personal living space for work, all kinds of unintended consequences can follow, including providing co-workers an intimate view of employees' home lives.
3. Making it hard to tell if employees are working if they're not visibly engaged
This is a natural concern, where "out of sight, out of mind" raises questions about the quality of work done outside the office. Managers have long treated remote work as the exception rather than the rule for this reason, but with the pandemic, they had little choice but to accept it.
At the core of this point is trust, and where the level is low, interest is strong in using monitoring tools for home-based workers. To some extent, this is perfectly reasonable, especially given the unlimited options for online and mobile distractions that are just a click away when working from home. The privacy pitfall here has to do with equating quiet spells of online engagement with home-based workers being unproductive.
Unified communications (UC) platforms are a great way to keep all everyday applications on a single platform. Because they are digital, all activities can be tracked by IT and team leaders. UC activity may drop off at times, but that doesn't mean workers aren't being productive. For example, they could be talking to customers on mobile devices or need to focus for writing. In cases like this, control-heavy managers may resort to surveillance tactics to be sure people are working, but that only exacerbates trust and saps morale.
How to address remote work privacy pitfalls
1. Involve remote employees in the policy-setting process
Privacy is as much a bottom-up issue as it is a top-down one. Some employees have embraced work from home, but others prefer the conventional separation of home and office. Regardless, hybrid work on a large scale is new for everyone, and the rules are developing as time goes on.
Going forward, most businesses need to support a mix of office- and home-based work. With that, new policies need to be developed. Regarding the three pitfalls addressed above, privacy issues take many forms. But, when it comes to work from home, most of the impact falls on the workers.
Aside from the fact that they greatly outnumber the ranks of management, workers are more likely to be home-based than managers. They have the deepest understanding about privacy concerns and how best to manage them -- not just to stay productive, but also to build trust with management to support work from home. By incorporating that perspective into privacy policies, they more accurately reflect the realities for home-based workers.
2. Segregate personal and work activity as fully as possible
This is a practical consideration, and one that IT likely supports. Regarding the first pitfall above, data privacy risks can be largely curtailed with a segregated approach. On one level, data sources can be segregated, although this is hard to do. Small businesses often use common platforms, like email or Microsoft 365, for both business and personal use, especially over mobile devices. UC can go a long way to keep work activity and data on a dedicated platform, but on its own, it isn't enough to keep personal data separate.
Another issue pertains to the physical devices, and this could be a better approach in cases where workers clearly have difficulty keeping home and work activities separate. The starting point for this would be using separate PCs, with at least one for business purposes only. Sharing business and personal on a single PC can be manageable for a single person, but when a family is sharing the same device, the privacy risks are high.
The same applies to mobile devices, and since these are generally not shared, the solution applies only to the employee. The practice of carrying separate mobile phones for personal and business is common, and for mobile-centric workers, the added cost to subsidize a business-only phone can be justified in terms of reducing privacy risks.
3. Ensure privacy policies apply to all
Management usually develops workplace policies, and by nature, these tend to be top-down. Even if workers are involved with developing privacy policies, they won't be implementing them. With parallels concerning trust and for privacy policies to be effective, they must be for everyone, not just home-based workers.
Privacy issues for home-based workers center on respecting their personal privacy but mainly for maintaining good behavior. Everyone understands the need to protect company data, and these policies help safeguard personal privacy along the way. In cases where trust in management is low, these measures are only halfway good.
For employees to feel comfortable with home-based work, privacy policies need to apply to management as well, especially in terms of accountability for bad behavior. The same technologies used by management to monitor productivity can also be used for surveillance, and this practice appears to be fairly widespread with the rise of hybrid work. To whatever extent that is taking place, privacy is a two-way street, and employees need to know that proper safeguards are in place for abuses of this nature.