What it takes to move 8,000 staff to a virtual office

Moving a large workforce to remote working in days, rather than years, is a daunting ask. But it can be done quickly, and it is possible to keep risks to staff, citizens and technology to a minimum. 

A

s governments tighten isolation restrictions this week, the expectation of an announcement from the Federal Government for an even tighter shut down becomes increasingly likely.

Most organisations will have an understanding of what critical services must keep working in times like these. But they also need to know who performs those services at the head office and customer service centre level, and what it means if those services cannot be performed in a traditional bricks and mortar office setting.

Can the tech infrastructure handle a near virtual workforce, is the right culture and leadership in place to keep productivity moving, and can critical front-line services continue to be available and consistent? 

In mid-March, EY moved its workforce of more than 8,000 to remote working, with a 24 hour dry run to test the capability of the VPN and network systems. "The question wasn't whether we had the capability, it was what would happen to the system when 6000 people logged on simultaneously," EY Oceania IT Leader Chris Huey, who oversees the remote work and tech infrastructure, says.

While EY has always had a proportion of staff working remotely, either from home or from client sites, the move to full virtual working still tested the scalability of its infrastructure and the load on critical business applications. 

Huey says the recent switch to Microsoft Office 365 products including Mail, Teams and SharePoint has significantly reduced the load on EY's Remote Connect software as it means staff can do a huge proportion of their work without being logged on to the VPN, while maintaining high cyber security and privacy standards within the Microsoft system. 

Huey implemented practical steps to reduce the burden of having so many people remotely connected, including changing the idle period timeout on the VPN from eight hours to two hours, and increasing the licence for the EY remote connect software. 

"The biggest delay is not so much getting the licence, it’s getting priority with the vendor to get the increase, because everyone around the world is asking for the same thing." 

Huey says there are even more preliminary questions for organisation looking to pivot to full remote work, such as: do all the staff have laptops or remote access from home devices?

Then, is there core software such as email that doesnt have to be on the VPN? And are your internet links and VPN tuned enough that they can burst-up and reduce back down, or have you ensured ready access to change licensing thresholds rapidly, or alternatively multi-geographic locations that could provide spillover capacity?

The growing challenge is that many organisations realise they don’t have the frameworks, processes and maturity in place to facilitate a rapid scaleup of remote working capability. What would previously have been a five-year project to build and mature that capability needs to be condensed into a matter of weeks.

“Almost every organisation has the ability to connect virtually to key systems and processes. The critical risk is if an organisation is faced with having to move their entire workforce virtually, can they scale it up quickly and not disrupt, or be forced to shut down critical services. This is something that they may not be yet fully thinking about,” EY’s Government Digital and Technology Leader Andrew Garner says. He points particularly to those organisations with thousands of staff, only a small percentage of which are remote-work enabled.

“Simultaneously, the widespread economic and social disruption from COVID-19 will put increased strain on the delivery of critical and front-line services, particularly for government agencies and NGOs, with large numbers of Australians reaching out for assistance.”

For governments, services such as welfare and social services, education, health and transport must keep working. At the same time, the often forgotten but critical back-office functions such as payroll cannot fail to remunerate staff and their contractors during this unprecedented time.

Almost $85bn in grants and tax relief has been earmarked in the Federal Government’s recent stimulus packages. Getting that money where it is intended will be crucial to limiting the economic impact of the pandemic. It will also be where this shift from normal ways of working comes under the biggest strain. 

“This is rapidly evolving to being not just about the tech, but about the models of work. How do you work in a virtual world? How do you maintain service continuity and productivity in a virtual world? And how do you meet the anxiousness of staff around the changes?”, Garner says.

For some organisations, there will be front line workers processing critical payments that have never done this in a virtual work environment. “If someone is sitting at home, working from their kitchen bench, how are their computers set up, is their phone integrated to make sure people who need to get paid are getting paid, whether that’s critical suppliers, contractors, or for some government agencies their welfare recipients?” Garner says.

This invariably leads to cyber security concerns, particularly in systems that were already due for an upgrade.

Richard Watson, EY Asia-Pacific Cybersecurity Risk Advisory Leader, said there are a number of phishing campaigns circulating already, posing as advisory or information links on the pandemic with the purpose of planting malware on devices. 

“We also know that if some organisations are not set up well for remote working, there is a risk that people start to forward confidential data to their home computers or printers, which are used by all the family, and may not be up to date from a virus protection point of view,” Watson says.

“If people elect to work in coffee shops or other public places, they may be threatening not just their health but their company’s data if they use the non-secure public wi-fi to send emails and download documents.”