Two out of three Americans with jobs are already working from home because of the pandemic. Many will have to continue if pandemic reoccurs. But millions are unable to and are without jobs, because of significant barriers imposed by technology, regulation, and organizational preparedness.
One technological barrier is the lack of universal high-speed Internet connectivity. People at home today run multiple devices for everything from making video calls to streaming entertainment, participating in meetings, and doing classwork. This requires fiber-based Internet access that allows gigabyte-speeds rather than older cable and telephone based connectivity.
But outside of major American cities, most of us are served by poor quality and lower speed Internet services built on outdated infrastructure. The reason is that in most market areas, legislative barriers have limited competition, keeping the cable and telephone companies as virtual monopolies that can charge higher prices whilst continuing to invest little in improving product quality. Because of this, many in rural areas, the urban poor, and consumers in many smaller urban areas either don’t have good access, cannot afford it, or have limited choice.
Another technology barriers to remote work is the outdated software and operating systems that many companies utilize, which are incompatible with what people use at home. For instance, close to 82% of medical imaging devices in US hospitals still run Windows 7 and XP-based systems. There are about 200 million computers worldwide still running such outdated systems including 30,000 machines in Germany’s local government offices and 50,000 in Ireland’s healthcare system. The reason for such practices is legacy programs, those that can only run on older operating systems, that many organizations continue to support. But, because of such systems, people whose work relies on such older programs cannot work on them remotely from their updated computing devices at home.
Yet another barrier comes from data protection laws. From HIPPA that governs electronic patient health information (ePHI) access to the European Union’s data portability laws, various regulations protect user data from cyber criminals by restricting access to them outside of secure work computers and servers. But these laws were formulated in the pre-pandemic era, where employees had the luxury of working from offices. Layered on such laws are organizational IT policies, which often impose their own restrictions on how employees can access data.
But it is because of such restrictions that Facebook’s content moderators all over the globe cannot presently work from home—which has also reduced their ability to quell misinformation and online scams from going viral. Similarly, concerns of cyber breaches have led organizations to require their employees use virtual private network (VPN) services when connecting from home. Using a VPN is hard enough for users with poor technology skills, but even for the technologically adept, it lowers Internet speeds, especially when there is a signification increase in the load on VPN servers, as is now the case. Thus, regulatory concerns cause restrictions and delays that make for a frustrating remote work experience.
The final factor limiting remote work is cyber risk from the user. While many users can be trusted with remote data access, many others cannot. This is not just because some people have lower technical skills but also because many users’ digital hygiene levels are unknown. This is a pivotal issue because regulations such as HIPAA require organizations to conduct risk assessments to address vulnerabilities from remote data access. But this is easier said than done. In an era when the opening a single phishing email could launch ransomware that could jump from home to work networks and cripple the entire organization’s systems, the risk to the enterprise is not just from the employee working at home, but from their entire family. Hence, organizations would rather limit who can work remotely than risk a devastating enterprise-wide lockout.
Making it possible for more of us to work remotely from home will require a concerted efforts from the government, educational institutions, and organizations.
The starting point to this is improving residential Internet access. The digital divide is no longer about just having Internet access, but having universal access to fiber at an affordable price. With 5G years away from being universal, we have to reimagine competition among Internet providers. This involves removing the legislative restrictions that prohibit competition among providers and, in some cases, fiber networks being developed by municipalities. A good example is Chattanooga, Tennessee, where the local government developed its own fiber network, which not only made gigabyte speed service locally available for a competitive price but also recovered the setup costs and led to a technology start-up boom in short order.
Next, organizations must plan on developing an agile workforce. Most current organizations support a fraction of their workforce’s remote work needs. For instance, the US Airforce VPN system is built to support only a quarter of its 275,000 civilian workers and contractors. Organizations can invert this by investing in virtualization to run legacy software, allowing more employees to bring their own devices (BYOD), and moving towards a cloud-based infrastructure. This will create the ability to run legacy software on remote machines while also quickly upgrading the technology being used within organizations.
The final issue is reducing cyber risk from users. Models for this already exist in the systems used for evaluating financial credit scores and giving automobile driver’s licenses, which were developed for similar reasons—to estimate risk and ensure that people meet minimal standards of performance and safety. Just as we do with driver’s licenses, we need to establish federal standards for user risk assessment that mandates cyber safety training and awards users with a personal cyber risk score. Cyber safety training must begin from K-12, when most already use computing systems, and become part of standard university curricula. Also, the risk scores should be portable between jobs, accessible to employers, and users should be capable of improving them through additional certifications provide by for-profit training companies. With everyone trained, the overall cyber risk to organizations from users will reduce as will their concerns about remote access.
Providing better Internet access, creating an agile workforce, and mandating cyber security training will help us combat not just this pandemic’s reoccurrence but also any future natural or manmade catastrophe. We have been saved from a complete economic meltdown by a technology—the Internet—that was built in anticipation of a nuclear fallout that thankfully never happened. Thanks to such forward thinking, we today have the capacity to continue working, teaching, even performing medical diagnosis online. Building capacity must likewise be done years if not decades in advance and we must prepare for a future where more people can continue working from home.
* A version of this post appeared here: https://blog.ipswitch.com/4-barriers-impeding-on-everyones-ability-to-work-from-home