The COVID-19 pandemic forced enterprises into a full work-from-home mode practically overnight. There was no time to test, evaluate and decide. We were thrown into this “new normal” where anything that can be done remotely is being done remotely.
“We’re being forced into the world’s largest work-from-home experiment and, so far, it hasn’t been easy for a lot of organizations to implement,” says Saikat Chatterjee, Senior Director at Gartner.
This “new normal” is testing every enterprise’s agility to its core. Two questions are key for every enterprise:
- Can we continue working?
- How do we ensure continuity of operations during the pandemic?
The stakes are high as enterprises struggle to adapt and minimize any losses in money, reputation, clients, employees, etc.
With a significant growth of interest for remote work, enterprises are scrambling to find ways to adapt their existing legacy systems to enable their workforce to work from home. The chatter around work from home is so high that it’s incomparable to any previous time, as the chart below shows. This study points out that “work from home” was a subject of 423 transcribed conversation in public companies:
I looked up his position title on LinkedIn and it just says “Senior Director” so we don’t need to include the advisory bit [JS1] [JS1]
Technology plays the leading role in this digital transformation drama. And, according to Gartner’s research, a high 54% of HR leaders indicate poor technology and infrastructure as the main problem for efficient work from home implementation.
The challenges of legacy technology in a work from home setting
The first challenge that users of legacy systems face is their inability to provide work from home capabilities at an enterprise-wide scale. Simon Migliano, the head of research at Top10VPN.com once commented about enterprises’ abilities to provide VPN access to their entire workforce: “We know of at least one company whose VPN capacity is 8,000 users…Now, they have over five times as many employees trying to connect, with predictably frustrating results.”
According to an estimation of Rob Smith, another Gartner analyst, around one-third of enterprises were without proper equipment and knowledge to work from home. Another one-third had no plan at all and had never planned ahead to create any kind of a telecommuting strategy…
Many of these enterprises who didn’t proactively update their systems and corporate culture for the growing work from home trend found themselves in a challenging situation. Their IT departments needed to quickly adapt existing, usually outdated, on-premise software solutions that were never built to provide telecommuting capabilities.
These on-premise enterprise content management solutions were built with the preconception that there will be people close by to monitor and manage infrastructure, processes, documents, etc. Such proprietary systems needed the physical presence of people, so they could work efficiently, reliably, and securely.
Security is another challenge for enterprises using outdated systems. This is especially the case in regulated industries where workers go through security routines to get to their desks. Now, with the work from home culture, all those physical security measures account for nothing as enterprises are forced to grant remote access to sensitive data and processes without a tried and tested security setup.
For all these problems, the “government, legal, insurance, banking and healthcare are all great examples,” says Sumir Karayi, CEO and founder of 1E. “Many companies and organizations in these industries are working on legacy systems and are using software that is not patched. Not only does this mean remote work is a security concern, but it makes working a negative, unproductive experience for the employee.”
That leads us to another challenge: workforce productivity. The loss of productivity in enterprises that were not prepared for remote work is due to a lack of modern technology and a lack of employee training. An outdated enterprise infrastructure coupled with an untrained workforce for a work from home setting means enterprises found themselves in unknown territory with no battle plan.
Employees in unprepared enterprises are now juggling work and life challenges without any prior training. We’ll be reviewing these workforce challenges in the next blog post. For the time being, we’ll keep our focus on the technology side of the problem.
Proprietary and on-premise solutions should be replaced with modern Software-as-a-Service (SaaS) solutions.
Why is SaaS the solution for enterprise management?
Secure data access from anywhere for the entire workforce is one of the key reasons why enterprises should consider cloud solutions. Picking the right SaaS solution coupled with proper training can lead to productivity growth and employee satisfaction. Consequently, this will result with improved customer satisfaction. Enterprises that have planned and prepared for a work from home culture can, in fact, see solid growth during this COVID-19 period.
In general, SaaS companies and providers are offering a variety of enterprise solutions, such as:
- enterprise content management (ECM),
- business process management (BPM),
- customer relationship management (CRM),
- document management,
- case management,
- payroll and billing processing,
- human resource management
Today, according to 451 Research, the cloud is the new mainstream, with approximately 90% of organizations surveyed using some type of cloud service. In 2019, around 60% of all workloads were running on some form of a hosted cloud service. This represents a huge rise from 45% just a year ago. Amazon Web Services (AWS) is the leading cloud vendor with a 32% market share with an annual growth of 41%.
According to the IDG survey, 89% of companies use some kind of SaaS services. In another study, Cisco was cited as stating that by 2021, approximately 75% of all cloud workloads and compute instances will be SaaS. The leading reason for SaaS adoption across enterprises are:
- ability to work outside of the office (42%).
- ease of disaster recovery (38%),
- flexibility (37%),
- offloading IT support (36%)
The rate of SaaS adoption by enterprises has only accelerated because of the pandemic. At what rate, we’re yet to see. We should see a faster adoption pace as more enterprises move off of proprietary solutions to SaaS solutions simply because the old systems don’t provide the flexibility required by the new normal enforced by the COVID-19 pandemic.
SaaS benefits beyond productivity
SaaS is quickly becoming a reliable choice for private enterprises and government organizations. Enterprise executives are considering SaaS during this pandemic more than ever as they seek to adjust their organizations to a work from home culture and ensure staff efficiency.
It’s not only efficiency, though. According to the Rackspace study, from 1,300 surveyed companies, 88% of the enterprises with cloud services have experienced cost savings. Additionally, 56% reported an increase in profits.
Let’s look at a few other obvious benefits enterprises and agencies can gain from using SaaS solutions over the more traditional on-premise approach:
- Reduction of the hardware cost
When using SaaS, there will be no need to maintain the existing server infrastructure on-premise. Cutting out the cost of hardware purchases and maintenance is especially important for fast-growing enterprises. New hardware can be bulky, expensive and demand special treatment and HVAC improvements. SaaS-based cloud solutions overcomes these issues. Furthermore, the cost of repairing and replacing hardware components is now passed on to the vendors to worry about.
- Reduction of electricity and real estate expenses
The reduction of on-premise hardware will directly and positively affect the organization’s electricity and real estate expenses. Enterprises that adopt a SaaS solution for their ECM needs will free up real estate in their buildings, cut electricity costs to power that IT equipment and reduce their HVAC bills as there would be no need to climatize large rooms full of heat-producing equipment.
With offloading the needed hardware concerns to the SaaS supplier, enterprises and agencies will no longer need a considerable workforce that maintains those systems. Routine maintenance, patching, hardware and software upgrades are all part of the SaaS offer, and this can be a considerable amount that companies save every month.
- Reduce the time and cost for implementation and training
The deployment of a new cloud-based solution is considerably faster than any other conventional system implementation. While an on-premise solution would take months of work to set up the infrastructure, install the software and do internal training, a SaaS solution is set up in a few hours. Of course there will be exceptions to thissince some enterprises may need customization to an existing SaaS solution. But, all customization would be handled by a much larger IT team who can deploy a solution much faster. Most SaaS providers already have ready-made libraries of support materials like manuals or how-to videos, which makes training a self-service task for employees.
- Flexible cost of ownership
The typical SaaS pricing model is pay-as-you-go. Sometimes, there will be an initial setup fee if customizations are needed. After the setup, organizations will be looking at a relatively small fee each month, depending on the size of their workforce and features/resources they use. This pricing model is flexible, and it offers different ways for organizations to reduce overhead:
- First, the enterprise does not face a steep annual license With SaaS, there is no such thing as a software license. You rent the service and pay a small fee per user, per month.
- Second, this pay-as-you-go software can be canceled at any time. For example, if a pandemic happened. Or monthly fees can be reduced accordingly if and when the enterprise decides to reduce the workforce. The flip side, of course, is also the ease of scaling up the workforce. The only expense here would be the few minutes needed to create a new user profile for the employee, and they’d be ready to start using the software and the vendor-produced training materials.
- Third, enterprise SaaS solutions usually come with a utilization fee. For example, this means that enterprises won’t face fixed fees for data storage or computing power if they don’t use these services that much… This helps enterprises avoid fixed expenses of additional hardware that they would only use in peak periods. Cloud infrastructure providers, like AWS, are enabling SaaS providers to get the maximum value from server farms, and this benefit is clearly transferable to the end user, which in this case is the enterprise or organization using a SaaS solution.
This is clearly a very short list of extra benefits besides employee productivity and employee satisfaction improvements. As stated in the statistics above, enterprises and organizations are aware of the benefits of cloud-based solutions. This is why more and more of them are replacing proprietary and on-premise solutions with SaaS solutions. The pandemic only expedited this migration to the cloud as the work from home mode is now the only viable way for some organizations to continue operations.
The final step: SaaS-based Technology implementation
It used to be the case that the most prepared organizations in terms of software and hardware were the most resistant to cloud-based solutions. Their upfront investment made the cloud idea a bit redundant. But, times have changed. As Rick Holland, CISO and vice president of strategy at Digital Shadows, stated for Threatpost: “One of the unintended consequences of COVID-19 will likely be increased zero trust adoption that further embraces cloud services, eliminates VPNs, and enables employees to work from anywhere.”
Continuity of Operations must be provided. Enterprises will offload everything on the cloud: software, data storage, operations, processing power, users management, etc. Before the pandemic, Gartner estimates 50% of government organizations across the US were using cloud solutions. This number will rise even faster during a pandemic as SaaS solutions are already built with remote work in mind.
The crucial step of implementation of SaaS-based solutions is finding a reliable technology partner. This partner would ideally be a company that already has the know-how and routines in place to perform critical data migration and workflow creation processes using reliable technology… A company, which is recognized for its expertise, reliability, and ability to work under pressure.
Armedia LLC is a CMMI Level 3 company that provides a niche focus in Enterprise Content Management (ECM) technical and advisory services. We are a proven provider in delivering modern, flexible, robust, and scalable solutions to federal/state/local government, as well as commercial enterprises. With 18 years of deep ECM experience, our skilled team with industry certifications has helped deploy hundreds of ECM solutions. In just the past year, Armedia has actively supported over 20 initiatives in the government and commercial market.
For more info, don’t hesitate to contact us. We’d love to hear your thoughts on the topic, and we’d appreciate you sharing this blog post on your social media.
The COVID19 pandemic forced most enterprises to send their employees to work from home. While they were busy implementing new solutions, procedures, and guidelines, employees working from home faced their own set of challenges they weren’t prepared for.
In one recent research article, over 75% of people said that the COVID-19 outbreak has had a negative impact on their habits and routines. Anyone working from home, which nowadays is pretty much every single one of us, are in an unknown territory, forced to adapt to new lifestyles and new routines with a zero-transition period. In this blog, we will go over some tips for successful and productive work from home strategies.
We’ve organized the tips in 5 major categories for easier navigation. You may be tempted to jump to one of these categories and skip the rest. Try to avoid the temptation. Reading the obvious could be all you need to kick a bad habit out and replace it with a good one. Let’s get started.
Basic work from home tips
This first batch of tips is aimed at equipping us to avoid the pitfalls of slouching on the couch in our PJs for hours just because we’re not commuting to work. These are the most obvious things that so many of us fail to do, and we end up locked in a “Sunday mode.”
- Leave the bed, get off the couch. Find a comfortable and dedicated spot to work. This one spot could earn the “at work” nickname for the time being. Sitting at the desk will mean you’re at work, and when you get up, you’re not at work anymore.
- Get out of your PJs, have an early breakfast, and sit up straight. Maybe it sounds obvious, but it helps your mind to start a logical, productive routine and keep going throughout the day. Establishing routines is essential to stay focused and mentally healthy while working from home.
- Make daily plans and stick to them. Living in isolation from others may throw your mind into a Sunday mode. To avoid this trap that will kill your productivity, set a more detailed plan, and stick to that schedule as much as you can. When you work from home, the daily schedule should be more detailed and structured. Time to work, time for a break, time to play with kids, feed the dog or do some shopping. And don’t forget to schedule some outdoor time. Live organized while you work from home.
- Take advantage of your space and stay active and positive. Get up from the working desk. Leave the computer. Stretch and walk around. These little things may go a long way for your mood. Also, try some cooking. Healthy, regular home-cooked meals will nourish your body and your soul. Use the current situation of working from home for doing everything you couldn’t normally do in the enterprise office. And also, drink water regularly throughout the day.
- If you need any help, ask. Enterprise employees are used to having plenty of colleagues at an arm’s reach away, which meant that help was just a whisper away. Now that we’re all working from our home office, we need to remember that these colleagues, although miles apart, are still just a few mouse-clicks away. Collaboration tools are there for a reason. You’re not alone. When in need of help, reach out to others.
Having the basics covered, let’s now continue to improvement tips.
Tips for the “at work” time while at home
Once you set the basic personal rules of conduct, let’s move on to the tips to help you make the most out of your work hours while working from home.
- Dress up & show up on time. Some may find this overkill but putting on “office attire” changes how we perceive ourselves. Dressing up for the nook you call your “work desk” does help. Being on that desk, on time, every day can have significant productivity and mood benefits. Try it out for some time. Keep track of how far you get, how much you get done and how well you feel at the end of the day.
- Kids rules. With schools in lockdown, chances are the kids are also at home in their Sunday mode. You should have a dedicated room, and a schedule for them too. Help them understand the situation as much as they can, and you may be surprised as to how well they adjust and stick to the new rules. Knowing your kids, you will need to work out the story and the words you use to communicate effectively, so you can all keep your sanity during the lockdown.
- Find a chat buddy. It could be a co-worker or just someone like you, it doesn’t matter. Social interaction can alleviate feelings of loneliness and isolation. “We’re used to social interaction,” says Dr. Thuy-vy Nguyen from Durham University in his study of solitude. “It facilitates cooperation and closeness.” The employee that works from home should fill the socializing gap. It could be the colleague you can hit up when you feel the need to communicate with someone. It could be a friend that works for another organization but is going through the same experience of isolation.
- Whenever possible, do video communication. Doing a phone call is not the same as doing a video call. Seeing other people’s faces changes the way we communicate. It brings us closer. Do whatever you can to simulate in-person communication. “There will be a sense of isolation of course, and it depends on how well your team communicates, or how much they’re willing to amp up communication using other tools besides face-to-face conversations,” says remote worker Matt Haughey, creator of the long-running community weblog MetaFilter and writer for Slack.
- The end of the workday. It is good to send a message to the rest of the team or department near the end of your workday. You can use email or chat, or any other apps you are using as a team. Something simple like “goodnight” or “thank you for a good working day” or last call for questions before you sign-off. It is an alternative to something that we all do in the office – saying goodbye when we leave. This is an excellent way to establish soft boundaries between work and family time, and it helps others to respect your time. This also helps colleagues feel connected and improve the atmosphere in the team.
- Stay available. You are using different kinds of communication platforms. Keep the notifications on. People may work under a different timeline, or they are simply in different time zones. Being available for your remote colleagues can help bridge the geographic and time gap, and help your organization be more agile in addressing issues and solving problems.
Sticking to these simple guidelines may make a tremendous difference in how you feel about working from home. Most of the time, for people who stick to these routines, working from home may even feel liberating and improve personal productivity.
Tips for team leaders
Team leaders will usually have more work in organizing and managing team activities and team performance. This means that the team leaders among us will need to step up and take charge more often, using more technology and hone our soft skills even more. Here are a handful of tips to help you do better management in a work from home setting.
- Communicate with your team members. Work hours, goals, targets, problems… Be clear about what you are expecting from them. Then do what is needed to empower them to do their job on time and to do it well.
- Try to make work from home as fun as possible. Don’t turn all discussions strictly in the work-related direction. Share links or informal information on similar topics like in the physical office. Encourage everyone to take breaks. Lead by example.
- Run well-timed and organized meetings. Teem meetings are just as important when the team is working remotely. The challenge with online meetings is that some of your team may be in a different time zone, or their work from home setting imposes a different daily timeline. Make sure you pick a time that is good for the team.
Physical distance from one another creates a perfect atmosphere for people to drift away while others are talking about something. You will need a well-prepared meeting agenda that everybody knows ahead of time. The common goals will serve as a gathering platform for the team, so the meeting will feel much more focused. It will also allow people to feel some sense of ownership of the meeting as they will usually have at least something to add or discuss one or more points on the agenda.
- Know which tools are working and which aren’t. Ask, observe and test. Be open to changing and improving. Ask management as soon as possible and be a leader in technological improvements.
- Be sure your words are not misread or misinterpreted. Most of the communication we do in face-to-face conversations are communicated or clarified through nonverbal communication. The problem with online meetings is that we don’t have the nonverbal cues at our disposal. It’s much more difficult to capture facial expression nuances, posture changes, tonality variations, etc. This means that our words may convey a different meaning from our original idea. Make sure you give people the room and time to reflect on what they understand from what others are communicating. When doing a non-camera meeting, feel free to use commonly understood emojis like smiley faces. This will help your team conduct better meetings, and you will have fewer misunderstandings.
Things will not get better unless managers don’t get better at managing remote teams. While you already have plenty of transferrable skills, be mindful that physical distance does make communication a bit more challenging. However, remote teams can outperform an in-office setting when things run smoothly and as transparently as possible.
Be aware of the cybersecurity challenges.
When we work in an office building, there is usually a security company providing physical security to the building, and there is probably a team of experts ensuring digital security. In a work from home mode, cybersecurity is a vastly more burning problem that should constantly be top-of-mind for the entire team.
- Update your SOPs with cybersecurity in mind. Now is the moment to read the companies policies and practices and update them with higher cybersecurity requirements. As millions of people are working from home, they unwillingly pose serious cybersecurity challenges. Employees who never gave cybersecurity a second thought are easy targets. They can easily click on a malicious email or install suspicious software, which can serve as a spy app for stealing sensitive information. If your organization relies on people using their own computers at home to do office work, you will need to inform and remind people of the dangers of cybersecurity and the need for diligence.
- Train staff to secure their personal and mobile devices. While employees work from home, they are inevitably using their home internet setup to run business operations. In many cases, companies will rely on people using their personal computers to work from home. Things get even more complicated as employees may put company data on private devices either unintentionally, or out of convenience.
Your SOPs will need a training clause where someone on your team will take charge of keeping cybersecurity best practices as a top priority and regularly bring this up with the team. Having a home firewall, regularly updated antivirus and antimalware apps and not storing office passwords in a notepad document, are all things to help strengthen the security profile of your organization.
- Use secure connections. While working from home, remote workers can use unsecure connections for communication. From the office, it is harder to make that mistake as there is usually a dedicated team on-site handling the intranet communication procedures and what gets out of the building and onto the internet. Security leaders should proactively reach out to individual team members and help them do the necessary setup for encrypted connections like VPNs. As support technicians know, you never assume the other knows what you know. Therefore cybersecurity personnel should prepare guidelines for digital safety and regularly remind people of these best practices. These practices are especially important in organizations that allow remote access to on-site repositories and legacy document management solutions.
- Use strong passwords and authentication. While employees work from home, IT departments and system administrators have additional challenges. In the new situation, it is harder to monitor remote workers and be sure they are using strong passwords and authentication. Biometric security can be more challenging to set up in a work from home environment, and while fingerprint scanners are affordable, adoption of the idea may be a bit harder than in an office setting.
At the same time, it is more complicated to perform password management actions. It’s even more challenging to ensure that every remote computer is running the latest OS patches and security updates. Security professionals understand that the weakest link in the security chain dictates the security of the entire organization. Making sure that every single employee brings their A-game in managing their personal computer security is extremely important for the security of the entire company. Employees should be aware of this responsibility. Only with their diligent password management, the organization can run a secure work from home digital environment.
Cybersecurity is usually tucked away in the IT Department, and the rest of us rarely bother about it in our daily activities. When working from home, the first line of defense is proper SOPs, excellent communication, and regular reminders of the security best practices.
Use technology as a help and as a tool
- Use collaboration tools as much as possible. There are many useful applications you can use while working from home. Zoom, WebEx, Hangouts, Slack, Trello, MS Teams…the list is long. The market was already full of them when the migration of the remote workers begun. Do not hesitate to speak to your IT department for guidelines on which ones to use and how to install them.
- If possible, separate the use of private and enterprise devices. Now, while employees work from home, they combine the private end professional life in one place. Sometimes even at the same time. The one thing they should separate is devices. Enterprise devices have special security software and protocols installed for the security of costumers and enterprise data and documents. Also, they are less vulnerable to phishing and other types of cyberattacks. The discipline of using only private devices for private usage is essential for cybersecurity while working from home.
- Use SaaS solutions as much as possible. As we describe in one of our previous blog posts, secure data access from anywhere for the entire workforce is one of the key reasons why enterprises should consider cloud solutions. Picking the right SaaS solution, coupled with proper training, can lead to productivity growth and employee satisfaction. Keep an open line with your colleagues and ask them to share any information about a potential SaaS solution that can replace an office-bound system you currently use. Being proactive is significant in stressful COVID-19 pandemic times.
- Use music and white noise to improve productivity. When employees work from an office, the sound and visual standards are more robust and stricter. Use the freedom of being at home and use the audio as a productivity booster. Listen to the music that matches the energy of the project. Music has the power to help focus and stimulate intellectual capabilities.
There are studies online that can help your team figure out what kind of music would be most suitable for different people and different departments. At the very least, getting your team to hop over to YouTube for some white-noise playlists could help them put a mental barrier between their workplace and the inevitable noises and distractions in a regular home environment with kids, spouse, pets etc.
- Do not hesitate to use various apps to improve the non-working time. In pandemic time, employees are at home when they are “at work” and when work hours are over. Whether it’s a work activity, watching a movie, exercising or socializing, the home is basecamp for everything. There are workout programs for people who can’t visit the gym. See if your company can dedicate some resources to allow this digital gym membership to your team. There are exercise programs for young people, young moms, middle-aged people and there are workout programs for seniors, too. These online programs aren’t prohibitively expensive, but they can go a long way in building up a positive spirit in your organization.
There are also entertainment options you could extend to your team. Netflix is one. YouTube Premium is another. Audible is also a great option for information hoarders among us. Do what you can to make the work from home experience as effective as possible by helping your team to find leisure activities past work hours.
When we think of technology and work, we regularly think of collaboration tools. However, these two terms intermingle in more complex ways. How we manage our computers and phones in terms of security, how we create a working atmosphere while the entire family is at home, what we do to have fun at home under lockdown and more. All these topics are a part of the technology and work conversation that companies should have in order to guide their workforce during this challenging period.
Let’s wrap up
The COVID pandemic came suddenly and strained the abilities of enterprises and employees alike. We all try to adapt and adopt solutions for emerging problems. Working from home is now our new normal, and many organizations never even considered the option. Now, it’s not just the latest trend. It’s a mode of work that we need to adopt if we want to ensure continuity of service.
To do this, to make sure we have continuity of service, each organization needs to be creative and flexible with the use of technology. In this blog, we shared a set of proactive ways to manage those challenges successfully. From simple daily leisure activities to significant technological improvements.
The silver lining in all this is that we already have tech tools on the market to make the new normal a bit more acceptable and a bit less stressful. We can use technology that enables work from home. There is a thriving market of collaborative tools enabling dispersed teams in different time zones to collaborate effectively and securely on a company-wide scale. There are also products that help people create mental barriers between the inevitable noises that come in a home setting. And, there are entertainment options that enterprises can offer to their employees to make this work from home period productive and fun.
Armedia LLC is a CMMI Level 3 company that provides a niche focus in Enterprise Content Management (ECM) and Case Management (CM) technical and advisory services. For over 18 years, we offer technology solutions to companies and government organizations that are facing document management, case management, and workflow management challenges. In just the past year, Armedia has actively supported over 30 initiatives in the government and commercial market.
For more info, don’t hesitate to contact us. We’d love to hear your thoughts on the topic, and we’d appreciate you sharing this blog post on your social media.
A pandemic is not on our minds when we talk about globalization. Serious disease and possible death are some of our worst fears as humans. And let’s be honest, we don’t really know how to handle this COVID-19 problem. No one alive has had any first-hand experience in dealing with pandemics.
The world has seen decimating pandemics before, but the COVID-19 pandemic is unique. For the first time in pandemic history, the effects are so immanent, life-changing, and powerful that the pandemic has touched every single living being on this planet even those that aren’t infected. For many people, the social and economic disruptions are even more scary than the fear of the virus itself.
Our social distancing and “stay at home” response to the COVID-19 pandemic triggered the work from home initiative that now seems like it’s here to stay. That’s why in this and the next few blog posts, we will be analyzing these changes in more detail.
The Inconvenient “Work From Home Experiment” Outcomes
Without any warning, as Saikat Chatterjee, Senior Director, Advisory at Gartner says: “We’re being forced into the world’s largest work-from-home experiment and, so far, it hasn’t been easy for a lot of organizations to implement.”
The first group of enterprises stopped working completely in new COVID-19 coronavirus conditions. Some were closed down by the authorities. Some, could not implement the proper measures to prevent the spread of the disease between employees and customers while continuing to work. For others, nobody was interested in their services, such as the tourism industry.
The second group of enterprises started working from home. They did reforms on the fly and hoped for a positive outcome under the circumstances. This forced change came abruptly without any real preparation. This wasn’t a planned “next step forward” in enterprise development. It was just the opposite: an emergency response that enterprises had to do.
The third group of enterprises suspended their activities for a period of time and tried to evaluate whether they were capable of working from home and preserving the high level of security. Banks, insurance agencies, government organizations and more are trying to find the balance between servicing people’s needs for their services and the availability of technological tools.
We will be focusing on the second and third group for this blog post series.
Why Do Companies Like The Work From Home Movement?
The work from home trend wasn’t created because of the COVID-19 pandemic. As we can see from this Gallup survey. in 2012, 39% of workers were remote in some way, even if it meant working from home just a few hours a month. In 2016, that number increased to 43% of enterprises who were experimenting in this direction because of the possible benefits that included:
- Employing workers regardless of geographical boundaries
- Eliminating transportation time and expenses
- Reducing the costs of offices
- Creating flexible working hours
That was the expectation. In reality, it was a mix of benefits and challenges. If we can separate and distinguish them, we will have a clear overview of the technological challenges.
So let’s start with Nicholas Bloom, an economics professor at Stanford University and his two year study about the effects of working from home in Ctrip, the most prominent Chinese Travel company. 1000 employees were randomly selected to work from home for 9 months. “The results we saw at Ctrip blew me away,” Bloom says.
Productivity increased by 13%. Employee retention rate grew by 50%. Initially, 500 of them were against remote work. At the end, only 30 were opposed to working from home. Those who worked from home reported increased work satisfaction, especially from those with stabilized social lives like parents, married workers, older workers, etc. Furthermore, in those 9 months, the enterprise saved about $1,900 per employee.
Bloom believes that one-third of the reason for the productivity increase was the quieter home environment for receiving calls. The other two thirds he associated with the working hours. Employees took shorter breaks, started earlier, finished later, and had no need to commute.
His view on the best-case scenario was when workers came into the office about one to three days of the week to stay connected to the enterprise and increase their creativity.
On the other side, the tech society still remembers one year earlier the previous Yahoo CEO Marissa Mayer’s famous ban on remote work of any kind. Granted, call center jobs are easy to shift from an office environment to a home environment, but not all work is as easily done at home.
How Does Work From Home Affect People?
There are some unique aspects of the interaction between humans that don’t translate well through technology. “Screens are distancing,” says Thalia Wheatley, a professor of psychological and brain science at Dartmouth. “In face-to-face communication, you are sharing a moment in time and space with someone. That is incredibly compelling for our ancient brains.” And this is something that technology today is not capable of imitating and replacing.
Why is in-person communication superior? Scientists haven’t found the answer yet, but there are some strong indications.
First, the more eye contact people make while they communicate, the more they will be synchronized one to another. We cannot replicate that experience using video calls while we are working from home.
Second, the level of trust rises when people share a communal meal together. Not dining with the team doesn’t strengthen the team. This is even worse for workers who live alone because they will probably dine alone. “The brain becomes unstable with solitary confinement,” says Wheatley. Solitary confinement and social isolation in prisons increased the risk of premature death by 26%. Another study shows that social isolation reduces the size of the hippocampus. The hippocampus is the part of the brain responsible for memory and learning. Furthermore, the effect of loneliness is estimated to reduce life expectancy by a staggering 15 years. This is equal to smoking 15 cigarettes a day. “It’s not just that everybody loves social interaction and parties and whatnot,” Wheatley says. “I think it’s critically important to our mental and physical health.”
This was the reason that led to another study. People have to accomplish a stressful task. The support they could receive can be either in-person or over a text message. As Susan Holtzman, a professor of psychology at the University of British Columbia, says, “it wasn’t that texting was bad, it’s just that it was consistently not as good as in-person support.”
So how can we solve these challenges? Once more to quote Wheatley, “the thing has to get solved on the tech side. The tech needs to kind of disappear, so that you believe that you are in the room.” The level of user-friendliness needed for tech to disappear is easier said than done. Simplicity is not simple to achieve. Any UX designer will nod to this statement and be able to explain at length why this is such a challenge that we are only slowly solving.
Technology To The Rescue(?)
The problems are emerging from both sides: the enterprise side and the workers that work from home. Most of the legacy software solutions were built around the idea that the office will always be accessible, and someone will always be there to provide physical access to securely stored documents. These systems usually reside on an enterprise intranet and providing wide accessibility to hundreds or even thousands of remote workers is technically not possible.
Luckily, the Software as a Service industry has been growing for the past decade. In many aspects, these cloud solutions are providing the needed features and benefits and were built with scale in mind. From productivity tools like Office 365 or ZOHO to collaboration and conferencing tools like Zoom or Microsoft Teams, to industry-specific ones such as ArkCase FOIA and DSAR Solutions, enterprises are spoiled for choice.
The critical step in this transformative time for each enterprise will be to find a reliable technology implementation partner. Without one, companies and government agencies can quickly find themselves in trouble.
Armedia LLC is a CMMI Level 3 company that provides a niche focus in Enterprise Content Management (ECM) and Case Management technical and advisory services. With 18 years of deep ECM experience, our skilled team with industry certifications has helped deploy hundreds of ECM solutions.
Anil Parthasarathy, the USPTO CMS Technical Lead once said: “I cannot say enough about [Armedia’s] unwavering support, never-say-die attitude, and work ethic in helping CMS get better. [They] have been a rock in this project.”
For more info, don’t hesitate to contact us. We’d love to hear your thoughts on the topic, and we’d appreciate you sharing this blog post on your social media profiles.
Laws like GDPR, CCPA, WPA, and others are springing up across the world giving citizens the right to request companies to disclose what personally identifiable information they store about the individual. For states, companies are required by law to respond to the submitted request within a day and they must to provide the requested information within a month. Scouring through petabytes of data for specific information can prove to be a challenge. Failing to respond on time can result in hefty fines, like in the Barnes v. Hanna Andersson case.
In this text, we’ll cover the six key steps in processing a Data Subject Access Rights (DSAR) request, what the main challenge is for each of these steps, and how DSAR software can make life easier for companies.
Step 1: DSAR Request Submission Portal
Companies should provide a DSAR Request Submission component linked to their corporate website where citizens can submit a DSAR form. This portal should be easy to use, secure, and if the portal supports creating and storing individual login credentials, tied with the login details of the person submitting the request.
The challenge in this first step is the ability of the company to capture the right information about the Requestor, so that the following steps are executed properly and on time. While this first step is not complex, people can easily mistype their name or their email or enter a different email address than the existing one in the system. This can cause problems later on as the request gets to next steps in the workflow.
An effective DSAR solution will have forms with field validations so that proper email formats are checked before submission. In some cases, form validation can go further and check for typographical errors. The benefit of form validation is that Requestors will ensure they are typing in the correct data, and when the form is behind an active login session, these fields can be pre-populated.
Step 2: Verification of Identity
When companies receive a data subject request, the first step is confirming the identity of the person by matching that identity to the requested content.
The challenge is verifying the identity of the Requestor remotely and securely. Chances are, that some of your customers, employees, etc. may need to provide additional information beyond their name, surname, address, telephone number to include login ID, email, IP address, etc. to identified themselves more precisely. In some cases, companies may need to collect a dozen other details to precisely identify who is submitting the request, and what personal data the company keeps.
The benefit of a good DSAR software platform is enabling corporations to quickly and even automatically identify any additional information the Requestor needs to provide in order for a proper and definitive identification. Automating this step is key in responding in a timely fashion and sending the right data to the right person within the 30-day timeframe.
Step 3: Searching for Personally Identifiable Information
As data storage becomes more and more affordable, companies are storing more of it. While this may be valuable for data-driven business decisions, each company’s vast data footprint is adding to the complexity of responding to DSAR requests.
The challenge: after a DSAR request has been successfully submitted, the DSAR software or with an integrated eDiscovery platform will need to search through all the repositories the company has, spread across different systems and potentially different locations to include SaaS based platforms. Companies may keep bits and pieces of personally identifiable data in dozens of locations:
- ECM system databases
- Office 365 / SharePoint folders
- Email servers
- Proprietary applications
- CRM systems
- Billing systems
- Internal chat systems
- External marketing platforms.
The solution will need to be able to securely connect to each of these data storage endpoints and quickly search through petabytes of data. These systems will need to be able to communicate via encrypted API endpoints at-scale, secured from interception or copying by hackers.
An effective DSAR solution makes all this possible. Without it, companies may not be able to respond to DSAR requests in a timely and a secure manner.
Step 4: Data Review and Approval
While companies can fully automate the data delivery, it is best if this data gets reviewed by a person before it is released to the Requestor. One risk is that a document may have PII about another individual that needs to be redacted.
The challenge of having the staff involved in DSAR review and approval is that people will need an intuitive user’s interface to do their job as well as assistive technology given the volume of information. In addition, the entire process needs to be audited so the organization knows how had access to the Requestor’s information.
The benefit of an integrated DSAR solution is the automation, collaboration, tracking, reporting and auditability.
Step 5: Timely Response
The key challenge of DSAR requests is that there is a strict deadline for companies to respond. Similar to Public Records / Privacy / FOIA requests where government have a statutory timeline to respond, companies have only 45 days to receive, verify, and respond to a DSAR request.
Even though many of these laws are fairly new, we already hear of lawsuits against companies who failed to respond properly and on time. Just recently we witnessed the Barnes v. Hanna Andersson case where Salesforce and Hanna Andersson LLC got fined for failing to comply with timely data disclosure under CCPA.
The benefit of using a DSAR application is that corporate staff will be able to follow these requests and get reminders of deadlines. To help assist with complying with the timeline, an integrated DSAR solution that includes eDiscovery and potentially RPA is recommended.
Step 6: Data Editing or Deletion
Under DSAR legal frameworks like GDPR, CCPA, or WPA, data subjects can request deletion or editing of the stored data. Ideally, an integrated DSAR software solution will be able to store the data sources of each piece of PII, tie it to a specific DSAR request, and have the ability to send Delete and Update requests through a secure API connection.
The challenge is twofold here. First, the DSAR software will need a way to send an Edit or Delete command to the exact data location for each DSAR request. Second, this data management will have to be auditable.
This means that qualified DSAR software solutions will have the ability to integrate with disparate data sources and have the ability to quickly respond to any Requestor’s demand for editing or deleting of PII.
Ideally, the DSAR software solution will be able to have a two-way communication with storage endpoints and fulfill a Delete or Edit request. This will allow the DSAR to track the communication that the request was fulfill and by which systems.
The benefit of a reliable integrated DSAR solution is clear. Without a software solution, companies will have a hard time adhering to the law and proving that it was accomplished if litigation arose. There is an added benefit too. While companies may have internal best practices for data management, de-duplication, etc., it is still helpful to have a visual map of all the locations that contain privately identifiable information.
As we already mentioned, companies need to be able to track how each DSAR case is handled, from the moment of its creation to the moment it was successfully processed. Every action done by the staff, every API call done by the software to send requests and receive encrypted information from external sources, every alteration of any data endpoint needs to be thoroughly documented.
Capable DSAR software solutions should have this auditing capability. In cases where the DSAR solution is built with proper case management capabilities, auditing should not be a problem. Most case management platforms on the market have this built-in.
One such solution is ArkCase, an open-source case management platform. ArkCase is built with auditing capabilities out of the box. Any time an action is done on a case, there’s an audit entry with a timestamp and clear details of who did what and where. Companies can extract the timeline for every DSAR form. These reports can contain timestamps, people involved, data sources, staff activities, IP address and even the Requestor’s responses.
The Data Subject Access Requests initiative, covered with legal frameworks like GDPR, CCPA, WPA and other variants, are enabling citizens to approach private companies and request data disclosure. Companies, under CCPA, have to respond to the request and disclose all personally identifiable information within 45 days. Failure to comply could mean hefty fines, as Salesforce already experienced first-hand.
Because of the complexity of what qualifies as personally identifiable information and the vast amounts of data that companies store, DSAR software is quickly becoming a corporate necessity. The only way companies can scour through petabytes of data spread across internal and external databases in a timely manner is by relying on an integrated DSAR software.
In most cases, DSAR software uses the same mechanisms as case management solutions. The forms, workflows, and user roles can all be pre-built and ready to be used out of the box.
The ArkCase team has implemented a DSAR solution that can be integrated within enterprises to automate this process. The ArkCase DSAR solution is a reliable option for any size organization that need to be ready to respond efficiently and effectively to Requestors.
For more information on this subject, feel free to reach out to us via the Contact form, or using the Comments below. And, please help us raise awareness of the DSAR Software option by sharing this text with your social media connections.
With recent legislation developments ensuring citizens’ rights to request their personal data that companies hold, companies are facing a turbulent future. Compliance is not optional. Now, the race is on. Citizens will be reaching out to companies, requesting disclosure. Companies need to adopt a software solution that enables fast and reliable personal data search and reporting.
What is DSAR?
The Data Subject Access Request policy basically states that citizens may request, under the General Data Protection Regulation (GDPR), that a data controller (business or other organization) disclose the requester’s personal data that the organization holds about them.
Companies need to respond in a defined time frame and provide the information to the requestor. Companies also need to be able to edit or delete personal data upon request from a citizen. To successfully fulfill these tasks, companies and organizations need reliable Data Subject Access Requests (DSAR) Software solutions that meet all the requirements set by the DSAR initiative.
Different countries have different interpretations of the DSAR policy, complicating an already daunting challenge of compliance.
It all starts from the EU General Data Protection Regulations (GDPR) which replaced the old 1995 data protection directive. It was published in May 2016 and went live on May 25, 2018.
In the United States, the closest GDPR equivalent is the California Consumer Privacy Act (CCPA) that became law on January 1, 2020. It is the first US-based consumer privacy regulation.
The state of Washington is currently working on legislation known as the Washington Privacy Act (WPA). The WPA regulation is stronger than CCPA and uses some GDPR concepts, therefore it is viewed as a leading example of consumer privacy regulation in the U.S.
There is obviously a movement towards nation-wide acceptance and formalization of the Data Subject Access Requests initiative, so citizens can claim ownership of their data, regardless of who holds this data.
Who gains from the DSAR and who are the stakeholders?
Clearly, the citizens are the main winners in this process; they gain new fundamental rights: personal data privacy and protection. Individuals get the right to ask companies and organizations to disclose what data they hold, and request further action such as editing, moving or deletion beyond recovery of that data.
Companies and organizations, also known as data controllers, must ensure that the Data Subject Access Request initiative really works. Companies and organizations are expected to deliver on DSAR. They will have to fulfill these new obligations by developing internal processes, workflows, and technologies that allow full compliance. Data controllers are expected to return a notice within 24 hours after receiving the data access, and they are expected to answer the data access request within a month after the request was submitted. Failure to comply can have legal ramifications and will also include fines
In some cases, data controllers can have external data processors who have the responsibility to handle these data access requests on behalf of the controllers. They should implement all measures needed to receive the request and respond to it in a timely, secure fashion.
While DSAR is a fairly straightforward high-level idea, the nuances are challenging. A citizen submits a to a company or organization, using their DSAR workflow processing software. The company’s staff receives this request. Then the controllers and data processors find all the data on that citizen and reply to the request. So-far, so-good.
However, receiving the request requires a more complex software that will help the organization verify that the requestor is the same person that would be the data-subject. Otherwise, the company would face the ramifications of disclosing personal information to third parties.
Then, the ability to pull all the data from all data sources, and combine it in a single report, is also challenging. If the data requester asks for data edits, the company should be able to send these data updates to the specific location, making DSAR not only a data retrieval but also a data modification process.
On top of that, this DSAR software would need to have auditing capabilities, which means strict user access level controls and logging of every single action that is taken around each case.
Why should you care about DSAR?
Compliance with these regulations is not optional. Companies and organizations must adhere to the DSAR initiative and the legal frameworks like GDPR, CCPA, and WPA.
Failure to comply will almost always result in fines. The Barnes v. Hanna Andersson case is the very first case for violations based on the CCPA. The minimum amount of that case damage is a million dollars. In just 30 days from the CCPA launch, this case was opened on February 3rd, 2020 against SalesForce and Hanna Andersson, LLC.
Fines from GDPR in Europe are an almost everyday occurrence, ranging from a few hundred euros to a 99 million pound fine against Marriott International Inc. for a data breach.
According to the latest Talend’s survey, only 42% of all companies and organizations were able to successfully respond to DSARs. According to a report by Gartner, the average cost to process a single DSAR request is $1400. Such a high fee implies that the process is manual and labor-intensive.
Companies and organizations are hard-pressed to process a growing number of DSAR requests under a threat of lawsuits and any company and organization storing personal data could be the next target.
The Microsoft Example: Preemptive DSAR Compliance
Microsoft has chosen to deal with DSAR requirements proactively by implementing their DSAR software solution nationwide, not just in California.
One recent review of the 50 companies from the Fortune 500 list made by the Data Protection Report indicated that it will be much more difficult to differentiate users in California versus the entire U.S. The complexity will grow when all new state regulation initiatives are in place: New York Privacy Act (S5642), Massachusetts (SD 341), New Hampshire (HB 1680-FN), and Virginia (HB 473), for example.
Hopefully, federal unification of the regulations will happen quickly. The process to unify regulations is being addressed through the Online Privacy Act (H.R.4978) bill introduced in the US Congress, which includes a provision that users have the “right to choose how long data can be kept and opt-in consent for the use of data for A.I. algorithms.”
Next Steps: Tools of the trade
While the Data Subject Access Request framework is relatively new, it is still a process that can be automated to a large degree. Using existing technologies for business process management, data storage, form submission, document search and redaction can significantly simplify the process of becoming DSAR compliant, regardless of the local legal frameworks such as GDPR, CCPA, WPA, etc.
Here are just a few trusted technology providers who have been in the document management and case management industry. Companies don’t need to build an entirely new technology stack from the ground up to get a solid DSAR software.
Alfresco Digital Business Platform
Alfresco recently announced several changes to their software solutions according to GDPR and CCPA regulations. This makes the Alfresco platform a reliable DSAR Software solution:
“Alfresco has updated its Alfresco Governance Services, introduced new Federation Services that enable ‘Manage in Place’ records management, enhanced its E-Discovery and ‘Legal Hold’ with Artificial Intelligence (AI), and added Governance to Desktop Synchronization.”
Here are a few key benefits that Alfresco brings on the market:
- Alfresco Federation Services enables users to perform a search through different business and content repository types from a single application with no need for content migration. Now they can search, view and manage information even from non-Alfresco repositories from a single user interface and take any action they like – place the data on hold or export it for further use in e-discovery or review tools. This is a so-called “Manage-in-Place” feature – a single point of access without migration.
- Alfresco Governance Services now has AI-powered e-Discovery. It eliminates the complexity of the “Legal Hold” process and speeds up e-discovery tasks. Now companies can process requests faster, even with information stored across geographical borders or different systems.
- Desktop Synchronization is now synchronizing not just the data through different repositories but also the data record management policies that are associated with that data. The predefined level of governance will remain associated with different repositories or user’s desktops.
- Automation of digital filing and detection of Personal Identifiable Information (PII) provides greater data security and protection in the DSAR process.
With Governance Services as a part of the open source Alfresco Digital Business Platform -the platform can serve as a part of a DSAR software solution.
ArkCase Open Source Case Management and DSAR Solution
If we see DASR software solutions from a workflows perspective, we can easily recognize that any data privacy request, at its base, is a new case. Creating, managing, tracking, and responding to these requests is similar to responding to any other case: legal, FOIA, complaint, etc.
Companies with experience in service request management solutions are developing and promoting DSAR software solutions. ArkCase is one of these DSAR software solutions.
ArkCase is an open source case management system that integrates with the industry leaders such as Alfresco, Content Server, Documentum, Mobius, Ephesoft, etc. With its modular open source platform, configuring specific workflows is fairly straightforward.
The ArkCase Data Request Management module provides a fully functional DSAR software solution out of the box.
For years, ArkCase has supported receiving, processing, tracking, and responding to requests for similar use cases, and has been optimized to support a DSAR application for fast, secure, reliable case management solution.
In ArkCase, editing forms and workflows use a low-code, drag-and-drop technology so that even non-technical staff can easily verify or adapt the functionality to their specific needs. It provides standard but customizable request forms and workflow solutions.
ArkCase can also be easily deployed in different environments in compliance with data storage and security regulations.
The DSAR initiative spawned legal frameworks like GDPR, CCPA, and WPA, and more regulations are in the works until a nation-wide data privacy law is enacted. Only one month after the CCPA law went into effect, there is already a major lawsuit based on its requirements.
Companies should follow the Microsoft example in erring on the side of caution and adopt a DSAR software solution as soon as possible. Luckily, established companies like, Alfresco and ArkCase have developed software solutions to address these regulations.
If you’re looking for a DSAR software solution, hopefully this post was helpful. For more information, don’t hesitate to write us or give us a call. Armedia has been supporting agencies and companies with their data management and case management needs as a solutions integrator. Feel free to give us a call for a no-obligation consultation.
In the meantime, don’t forget to share your opinions in the Comments section below, and share this blog post on social media.