h digitalfootprint web 728x90

What it takes to work remotely

Business leaders, cybersecurity experts and communities watch a drastic shift to the work-from-home lifestyle


As the COVID-19 coronavirus pandemic sweeps the globe, a day at the office for many in Iowa looks a lot different in recent weeks. 

It’s too early to know how many organizations have shifted their workforce to a work-from-home strategy in the face of a disease outbreak. As employers make as many positions remote as they can, cybersecurity experts say the dining room table at home deserves special scrutiny by IT staff, while company leadership and community broadband municipalities are examining what needs to be done to support a major shift in Iowa’s workforce.  

“Working from home does not provide the same protections as working at the office,” said Aaron Warner, CEO of ProCircular Cybersecurity, based in Coralville. “It’s really kind of undiscovered country. I don’t know that this volume of people has ever in the history of the world worked from home, certainly not with such dependence on the internet.”

An internet-based company

In Ames, Workiva President and CEO Marty Vanderploeg was confident about seeing Workiva’s workforce transition business operations outside of company headquarters. 

Workiva’s Asia-Pacific office was the first to require employees to work remotely, although company headquarters made working remote an option for Ames employees in early March. By March 16, all employees were sent home unless manager-approved to stay in the office. 

“We have a number of 100% virtual employees that work in remote places who had a talent that we wanted, and they would work remote and come into the office maybe once a quarter to meet with teammates and develop some bonds. So we were really well positioned for this,” Vanderploeg said. “The biggest thing we have to figure out is how we manage some of these people who are not remote regularly.” 

At Aureon, the firm has navigated assisting clients in transitioning employees to remote work while helping its own employees make necessary adaptations to avoid spreading COVID-19. Aureon leadership has been monitoring the COVID-19 outbreak for about 10 weeks as part of its business continuity planning. 

“A lot of our work is done remotely, but not all of it. Some of that does require on-premises visits with clients,” said Tom Agnitsch, director of IT operations. “We’re expecting our clients to help us with social distancing, and we have safety precautions put in place with all of our technicians. … It might seem to slow us down from time to time, but safety should be everybody’s main concern, whether it’s our clients, partners or employees.” 

Managing East Coast client accounts through Hurricane Sandy laid the groundwork for what Workiva could expect when employees are unable to access their offices, he added — including assisting a client’s employee who filed SEC reports from a Starbucks when nothing else was available to work from. 

“It’s much harder for more traditional types of businesses and older companies to make this adjustment, but they will — the tools are all out there. They will make the adjustments and I think that this will change the entire business community to actually be much more resilient,” Vanderploeg said.  

Receptionists, janitorial service and food service employees are still receiving full-time pay from Workiva. 

“How we treat our employees and our customers in good times, … they respond to these tough times. Our culture is all about taking care of our customers, taking care of our employees, trusting one another,” Vanderploeg said. “I’m a big advocate of taking care of employees, transparency and living by a set of core values. … When you do that, they perform at a high level.” 


Clients of security firms seem to be aware of heightened risk around remote work. 

“The greatest risk is for smaller organizations. … The people I think most about are that real estate company or that accounting firm that has to now figure out how to dial in remotely and don’t have those IT resources,” said Warner, whose staff is working remotely. “Those are the folks that are going to suffer most as the sharks start circling in the water, and we’ve already seen indications of that.”

A webinar hosted by ProCircular on safely configuring remote work offices attracted 50 participants less than 24 hours after it was announced, Warner said. ProCircular clients are moving up schedules to have technical assessments such as penetration tests done earlier. “They want to know before the hackers do what vulnerabilities they may have,” Warner said. 

In Ankeny, Pratum has been assisting clients in building or adjusting remote work policies as they adjust to having part of their workforce working from home. 

into things,” said Megan Howard, director of security service at Pratum. “Hopefully employees are using company-owned devices that the company can make sure you’re staying up to date and have anti-malware running vulnerability scans.” 

Employees who are working from personal devices may not have kept security patches up to date, which is a critical safety practice to keep networks secure, Howard said. Residential Wi-Fi networks with internet-of-things devices typically aren’t sectioned off, which could put company devices on the same network as a vulnerable internet-of-things baby monitor or coffee machine. 

“If [hackers] can find a way in using an [internet-of-things] device, then they can spread how they want throughout that network to get to other devices,” Howard said, which puts business devices at risk. 

Companies should be prepared to offer virtual private networks to employees on company devices, and may have to offer multiple VPNs, depending on the size of the workforce. 

Phishing scams have also adapted to isolated employees, sending emails that purportedly link to breaking COVID-19 news or “company” announcements. That worries Howard. 

“They know when you’re working from home, you’re just more relaxed, right? You’re not always in that work mindset,” Howard said. “People are more vulnerable and more likely to click on phishing links when they’re working from home. … Luckily, we haven’t seen any incidents with our clients, but I think that we will. We’ll certainly see that there will be more phishing attacks.” 

If a phishing attack is successful, that leaves the company to respond to a cyber incident remotely — without immediate access to the employee’s device. Employees need to be educated and supported to report a phishing attack or other cyber incident immediately. Organizations should have named members of an incident response team and a plan of how members would reach each other and take steps as soon as possible to manage an attack, Howard said. 

“Some of things we’ve preached quite a bit is not to instill fear into your employees, but let them know they’re helping the organization by reporting any suspicious activity. … Be safe and let the IT department know so they can get an investigation underway,” Howard said. 

“I don’t want to say this nonchalantly, but it is business as usual knowing there are those new risks, because we have something new going on in the world. … Internal threats are always evolving,” Agnitsch said.

As the outbreak continues, Warner will keep an eye on his staff for signs of burnout. 

“It’s very easy for us to work in cybersecurity pretty much nonstop. … It can be really easy for me to work 18-hour days,” he said. “I’m really trying to encourage people to get up and take a walk and get outside. It’s an intense time, and I think being mindful of your own health is important.” 

Community support

Communities that offer or are investigating offering a municipal broadband utility are keeping watch over the shift to remote work, but haven’t yet noticed a burden on active utilities, advocates at the Community Broadband Action Network said. 

“I heard it described as a typical spring break day with kids home as the kind of traffic load increase,” said Curtis Dean, a consultant and co-founder of CBAN along with Todd Kielkopf. 

“The bigger story will come in the next couple of weeks. … If we have any storm events come through or any widespread outages to centralized equipment failures, is business still getting done at the home level?” added Kielkopf. “They’re really not as a system set up to handle individual community-based outages compared to what’s already been committed to the business community.”

Municipal ownership will give those communities breathing room when faced with an emergency — city staff members have told CBAN they won’t be disconnecting households for nonpayment or are expanding payment plans to help residents maintain service. 

“I think this is an issue that shines a bright light on our overall telecommunications infrastructure in the U.S. — privately owned, publicly owned, etc. Is it able to perform and maintain performance in a national crisis?” Dean said. “If we don’t have the capacity to deal with this — where suddenly a large percentage of the population is working from home, or the kids are out of school and needing to be educated … how is our infrastructure able to deal with that?” 

Municipalities are seeing an impact on projects underway. 

Existing municipal networks report that they are able to keep up with the demand so far, but communities that are in the middle of developing their networks are seeing delays in construction and launch. Hooking customers up to fiber requires technicians to enter customers’ homes, which has been put on hold to adhere to social distancing guidelines.  

Vinton has completed about half of its network hookups to the new municipal broadband network and expected to turn on services to customers potentially as early as late March, and now the city is on pause waiting for approval to have technicians visit homes, Dean said. New Hampton expected to begin construction on a project in late spring but may experience delays until contractors can begin visiting homes and businesses for some of the necessary work. 

“The challenge that they’re all facing is the same challenge that any other business is facing — what level of operations can we have that does not impact the health of either our employees or the consumers?” Dean said. 

Kielkopf sees the challenge as a shift in thinking for municipal networks and their city leadership. If the state response to the COVID-19 outbreak requires reliable video telemedicine to assist in containing the spread, or if schools need to host online classes for an undetermined amount of time, that requires residents to have a reliable, ubiquitous access to broadband, he said. 

That could lead to other future opportunities — broader access to telemedicine for mental or physical health care appointments, or potentially recruiting a professional with their spouse to live and work in smaller communities. 

“That includes the trailing spouse issue in rural communities, where you’re trying to bring in a professional, attracting them to your community,” Kielkopf said. 

If the ability to work from home allows a couple to both have satisfying careers in a small community, “I’m sure this is not going to be temporary,” he added.

Facebook Notice for EU! You need to login to view and post FB Comments!

bankerstrust web 050123 300x250