Tag: remote work

Available Options for Completing Form I-9 in Remote-Work Scenarios

The American Immigration Lawyer’s Association (AILA), through its Verification and Documentation Liaison Committee (“Verification Committee”) recently issued an FAQ compiling updated information related to employment verification (I-9) compliance requirements during the COVID-19 Pandemic.

The FAQ addresses the viable options for completing the Form I-9 in remote-work scenarios and the most current developments in each type of process. Below are the main takeaways:

Process 1: In-person New Employee and HR/Admin Document Review: HR/Admin timely reviews the employee’s identity and employment authorization documents in the employee’s physical presence. Where employers have fully returned to in-office operations, or where they are no longer maintaining COVID-19 precautions, they must complete an in-person review of Form I-9.

Process 2: “Remote Hire” In-Person New Employee & Employer Authorized Representative Document Review: This is the so-called “Remote Hire” process, typically used in situations of on-boarding and new remote employee. Note that this is still an in-person document review conducted by a third party designated by the employer who acts as the agent. Also note that this process is not restricted only to employees based at remote locations but can also be used in any situation. Since the employer bears the liability for the agent’s errors it is best practice for the employer to train and/or provide instructions to the agents as well as perform a detailed review upon receipt of the completed Form I-9.

Process 3: Limited Temporary Option: HR/Adm’s Electronic Document Review: The virtual review option was first implemented March 20, 2020, and has been extended multiple times. The current extension expires July 31, 2023. With this process, HR/Adm timely reviews the employee’s identity and employment authorization documents electronically, not in the employee’s physical presence, but via video link, fax, email, etc.

Who can benefit from this option? The U.S. Immigration and Custom Enforcement (ICE) confirmed to the Verification Committee the general rule in applying this option:

  • Before April 1, 2021, the temporary I-9 option was available if a business was operating 100% remotely as a result of the pandemic. If it was not, the in-person verification for Form I-9 was required. ICE acknowledged, however, that the Agency will handle audits and future enforcement on a case-by-case basis. Employers do not need to have 100% of their workforce working remotely to take advantage of the virtual option if the employer has a record supporting that the virtual review option was necessitated by the pandemic.
  • On or after April 1, 2021, the temporary virtual document review option is available, but only where the remote employment is a result of COVID-19-related precautions. Employers hiring “true remote” employees should conduct in-person reviews as they would have prior to the COVID-19 virtual review option being offered.

While virtual review provides a practical alternative to the in-person review, there are additional requirements in this process in order to maintain compliance:

  • Create and retain a written document that captures the remote onboarding and telework policy in place when this option is used for any Form I-9 created under this process;
  • Retain copies of the documents presented, as per the original guidance issued by ICE Note that security of sensitive personal information must be maintained, and the company should work with its information-security team regarding the transmission and/or capture of personal information in these situations;
  • Add “COVID-19” in the Additional Information field/box on Section 2 of the Form I-9;
  • Tell the employee that no later than three business days of cessation of this temporary electronic document review option or once the employee commences non-remote employment on a regular, consistent, or predictable basis (whichever is earlier), an in-person meeting and physical inspection of the document(s) will occur;
  • Within three business days of such a date, coordinate the in-person meeting and physical inspection of the document(s); and,
  • Add “documents physically examined,” date and initial in Section 2 Additional Information field/box, or to Section 3 of Form I-9, as appropriate.

Importantly, the virtual review process requires the employer to “perfect” the Form I-9 with an in-person meeting at a future date.

The Department of Homeland Security (DHS) is currently reviewing the regulatory framework for document review in considering making virtual review a permanent option for I-9 compliance. DHS published a Notice of Proposed Rulemaking in the Federal Register and, since November 2022, has been reviewing comments. Simultaneously, ICE has ramped up audits and investigations as the pandemic has waned. Therefore, employers should maintain a fluid line of communication with their attorneys and employees to avoid any compliance issues.

Article By Caterina Cappellari of Greenberg Traurig, LLP

For more immigration legal news, click here to visit the National Law Review.

©2023 Greenberg Traurig, LLP. All rights reserved.

Privacy Rights in a Remote Work World: Can My Employer Monitor My Activity?

The rise in remote work has brought with it a rise in employee monitoring.  Between 2019 and 2021, the percentage of employees working primarily from home tripled.  As “productivity paranoia” crept in, employers steadily adopted employee surveillance technologies.  This has raised questions about the legal and ethical implications of enhanced monitoring, in some cases prompting proposed legislation or the expanded use of laws already on the books.

Employee monitoring is nothing new.  Employers have long used supervisors and timeclock programs, among other systems, to monitor employee activity.  What is new, however, is the proliferation of sophisticated monitoring technologies—as well as the expanding number and variety of companies that are employing them.

 While surveillance was once largely confined to lower-wage industries, white-collar employers are increasingly using surveillance technologies to track their employees’ activity and productivity.  Since the COVID-19 pandemic started in March 2020, one in three medium-to-large companies has adopted some form of employee monitoring, with the total fraction of employers using surveillance technologies closer to two in three.  Workers who are now subject to monitoring technologies include doctors, lawyers, academics, and even hospice chaplains.  Employee monitoring technologies can track a range of information, including:

  • Internet use (e.g., which websites and apps an employee has visited and for how long);

  • How long a computer sits idle;

  • How many keystrokes an employee types per hour;

  • Emails that are sent or received from a work or personal email address (if the employee is logged into a personal account on a work computer);

  • Screenshots of a computer’s display; and

  • Webcam photos of the employee throughout the day.

These new technologies, coupled with the shift to remote work, have blurred the line between the professional and the personal, the public and the private.  In the face of increased monitoring, this blog explores federal and state privacy regulations and protections for employees.

What are the legal limitations on employee monitoring?

 There are two primary sources of restrictions on employee monitoring: (1) the Electronic Communications Privacy Act of 1986 (ECPA), 18 U.S.C. §§ 2510 et seq.; and (2) common-law protections against invasions of privacy.  The ECPA is the only federal law that regulates the monitoring of electronic communications in the workplace.  It extends the Federal Wiretap Act’s prohibition on the unauthorized interception of communications, which was initially limited to oral and wire communications, to cover electronic communications like email.  As relevant here, the ECPA contains two major exceptions.  The first exception, known as the business purpose exception, allows employers to monitor employee communications if they can show that there is a legitimate business purpose for doing so.  The second exception, known as the consent exception, permits employers to monitor employee communications so long as they have consent to do so.  Notably, this exception is not limited to business communications, allowing employers to monitor employees’ personal communications if they have the requisite consent.  Together, the business purpose and consent exceptions significantly limit the force of the ECPA, such that, standing alone, it permits most forms of employee monitoring.

In addition to the ECPA’s limited protections from surveillance, however, some states have adopted additional protections of employee privacy.  Several state constitutions, including those of California, South Carolina, Florida, and Louisiana, guarantee citizens a right to privacy.  While these provisions do not directly regulate employers’ activity, they may bolster employees’ claims to an expectation of privacy.  Other states have enacted legislation that limits an employer’s ability to monitor employees’ social media accounts.  Virginia, for example, prohibits employers from requiring employees to disclose their social media usernames or passwords.  And a few states have enacted laws to bolster employees’ access to their data.  For example, the California Privacy Rights Act (CPRA), which comes into full effect on January 1, 2023, and replaces the California Consumer Privacy Act (CCPA), will provide employees with the right to access, delete, or opt-out of the sale of their personal information, including data collected through employee monitoring programs.  Employees will also have the right to know where, when, and how employers are using their data.  The CPRA’s protections are limited, however.  Employers will still be able to use surveillance technologies, and to make employment decisions based on the data these technologies gather.

Finally, several states require employers to provide notice to employees before monitoring or intercepting electronic communications.  New York recently adopted a law,  Senate Bill (SB) S2628, that requires all private-sector employers to provide notice of any electronic monitoring to employees (1) upon hiring, via written or electronic employee acknowledgment; and (2) in general, in a “conspicuous place” in the workplace viewable to all employees.  The new law is aimed at the forms of monitoring that have proliferated since the shift to remote work, and covers surveillance technologies that target the activities or communications of individual employees.  Delaware and Connecticut also have privacy laws that predate SB S2628.  Delaware requires notice to employees upon hire that they will be monitored, but does not require notice within the workplace.  Meanwhile, Connecticut requires notice of monitoring to be conspicuously displayed in the workplace but does not require written notice to employees upon hire.  Accordingly, in many states, employee privacy protections exceed the minimum standard of the ECPA, though they still are not robust.

How does employee monitoring intersect with other legal rights?

Other legal protections further limit employee monitoring.

First, in at least some jurisdictions, employees who access personal emails on their work computer, or conduct other business that would be protected under attorney-client privilege, maintain their right to privacy for those communications.  In Stengart v. Loving Care Agency, Inc., 408 N.J. Super. 54 (App. Div. 2009), the Superior Court of New Jersey, Appellate Division, considered a case in which an employee had accessed her personal email account on her employer’s computer and exchanged emails from that account with her attorney regarding a possible employment case against her employer.  The employer, who had installed an employee monitoring program, was able to access and read the employee’s emails.  The Court held that the employee still had a reasonable expectation of privacy and that sending and receiving emails on a company-issued laptop did not waive the attorney-client privilege.  The Court thus required the employer to turn over all emails between the employee and her attorney that were in its possession and directed the employer to delete all of these emails from its hard drives.  Moving forward, the Court instructed that, while “an employer may trespass to some degree into an employee’s privacy when buttressed by a legitimate business interest,” such a business interest held “little force . . . when offered as the basis for an intrusion into communications otherwise shielded by the attorney-client privilege.”  Stengart, 408 N.J. Super. at 74.

Second, employee monitoring can run afoul of protections related to union and other concerted activity.  The General Counsel for the National Labor Relations Board (NLRB) recently announced a plan to curtail workplace surveillance technologies.  Existing law prohibits employers from using surveillance technologies to monitor or record union activity, such as by recording employees engaged in picketing, or otherwise interfering with employees’ rights to engage in concerted activity.  The General Counsel’s plan outlines a new, formal framework for analyzing whether employee monitoring interferes with union or concerted activity.  Under this framework, an employer presumptively violates Section 7 or Section 8 of the National Labor Relations Act (NLRA) where their “surveillance and management practices, viewed as a whole, would tend to interfere with or prevent a reasonable employee from engaging in” protected activities.  Examples of technologies that are presumptively violative include key loggers, webcam photos, and audio recordings.

Do I have a claim against my employer?

While federal and state restrictions on employee monitoring are limited, you may have a legal claim against your employer if its monitoring is overly intrusive or it mishandles your personal data.  First, an invasion-of-privacy claim, for the tort of intrusion upon seclusion, could exist if your employer monitors your activity in a way that would be highly offensive to a reasonable person, such as by accessing your work laptop’s webcam or internal microphone and listening in on private affairs in your home.  Second, you may have a claim against your employer for violating its legal duty to protect your personal information if data it collects in the course of monitoring your work activity is compromised.  In Dittman v. UPMC, 196 A.3d 1036 (Pa. 2018), employees at the University of Pittsburgh Medical Center and UPMC McKeesport (collectively, UPMC) filed a class-action complaint alleging that UPMC breached its legal duty of reasonable care when it failed to protect employees’ data, which was stolen from UPMC computers.  The Pennsylvania Supreme Court found for the plaintiffs, holding that employers have an affirmative duty to protect the personal information of their employees.  Because the Pennsylvania Supreme Court’s holding was grounded in tort principles that are recognized by many states (i.e., duty of care and negligence), it may pave a path for future cases in other jurisdictions.  Third, if any medical information is accessed and improperly used by your employer, you may have a claim under the Americans with Disabilities Act, which requires that employers keep all employee medical information confidential and separate from all other personnel information.  See 42 U.S.C. § 12112(d)(3)(B)-(C), (4)(B)-(C).

Conclusion

Employees are monitored more consistently and in more ways than ever before. By and large, employee monitoring is legal.  Employers can monitor your keystrokes, emails, and internet activity, among other metrics.  While federal regulation of employee monitoring is limited, some states offer additional protections of employee privacy.  Most notably, employers are increasingly required to inform employees that their activity will be monitored.  Moreover, other legal rights, such as the right to engage in concerted activity and to have your medical information kept confidential, provide checks on employee surveillance.  As employee monitoring becomes more commonplace, restrictions on surveillance technologies and avenues for legal recourse may also grow.

Article By Bonnie Henry of Katz Banks Kumin LLP

For more labor and employment legal news, click here to visit the National Law Review.

Katz Banks Kumin LLP Copyright ©

‘Work From the Ballpark’—Is the Latest Remote Work Promotion a Foul Ball?

Some professional baseball teams are beginning to promote “Work From the Ballpark” days, encouraging fans to bring their laptops to a weekday afternoon game and work remotely from their seats. Under such promotions, fans can purchase tickets for a special section of the ballpark with access to WiFi, tables, and food so that they could stay logged on at work while enjoying the sights and sounds of the game. Employers are likely accustomed to dealing with employees who play hooky to attend an afternoon baseball game. But with the rise of remote work—and promotions such as these—should employers be concerned with employees logging into work from the ballpark?

While such a promotion might be cheeky marketing to increase attendance for midweek games, it highlights an ongoing concern for employers with remote employees—that instead of diligently working in home offices, employees are working, or attempting to appear to be working, while distracted or in a potentially problematic environment. Indeed, working from a sports stadium could put confidential work communications and information at risk with laptop screens in easy view of onlookers and lead to network security issues with public WiFi.

Employers may want to dust off their remote work policies and evaluate whether they provide clarity around appropriate locations to perform work.

What Can Employers Do About Nontraditional Remote Work Environments?

  1. Clear Remote Work Policies

Employers may want to review their policies to ensure there are clear provisions or guidelines governing what locations are appropriate for working remotely. As an additional element of security and visibility, employers may further want to require that employees performing certain kinds of sensitive work obtain consent to work from a secure location other than home when necessary.

  1. Employee Work Locations

In certain workplaces, employers may want to consider how they monitor employees and their productivity. Many technology tools enable employers to track employees’ online activities or the physical locations of company devices. Of course, employers may want to evaluate employee relations considerations tied to any monitoring program as well as the increasing and myriad state and local laws addressing employer monitoring programs.

  1. Network and Information Security Software

Employers mandating that employees perform any work on employer-provided hardware (e.g., employer-provided laptops) may want to ensure those devices have network and information security and location monitoring software installed and that the technology is up-to-date and sufficient for employees to perform their jobs. Employers that do allow employees to use their own devices (BYOD) may want to require the installation of similar remote work software on those devices. Employers may also want to consider providing employees with internet hotspots for times when employers know employees will be working in public locations to avoid having employees working from shared or open networks. At the same time, employers may want to beware of the risk that such hardware will be lost or stolen.

  1. Security Measures

In addition to hardware requirements, employers may want to consider implementing policies that require employees to take basic security measures on their own while working from a public location. Employers may consider requiring employees to take work phone calls in secure places, require the use of privacy screens over laptop monitors, warn against leaving laptops and other hardware unattended, and mandate other actions to address basic privacy and proprietary information concerns.

  1. Compensation for Time

If an employer does become aware that an employee has performed work at the ballpark or in another location where distractions may have been present, the employer may question whether it must pay the employee for the time the employee logged that day. There are a myriad of federal and state wage-and-hour laws that employers can consult (as well as a review of the employer’s policies) that will answer this question. Usually, however, if employees report that they performed work, the employer may decide to compensate them for their time and evaluate whether there is a separate counseling or disciplinary issue that relates to policy or rule violations to consider.

Key Takeaways

Employees working from home or remotely, at least part of the time, appears to be the future for many workplaces across the United States as technology has made it easier for employees to stay connected with work and complete work tasks. The “Work From the Ballpark” promotion may serve as a reminder for employers that they may want to consider ways to ensure employees are working from appropriate locations to maintain productivity and information security with a remote workforce.

For more Employment Law news, click here to visit the National Law Review.

© 2022, Ogletree, Deakins, Nash, Smoak & Stewart, P.C., All Rights Reserved.

6 Tips to Better Organization for Lawyers

Practicing law involves managing countless details and deadlines. For this reason, organization for lawyers can become a challenge for many lawyers in a high-paced law firm juggling various projects.

Without essential organization skills or resources to support the workload, it’s easy for information or tasks to innocently fall through the cracks. Adversely, this can leave lawyers feeling burnout or overwhelmed which could lead to a deterioration of quality of service, impacting overall client satisfaction.

Maintaining organization for lawyers is more than having pristine files and an uncluttered office — it includes critical skills like strategic planning, time management, and task prioritization.

Why Do Lawyers Struggle with Organization?

For years, lawyers were often depicted as busy professionals constantly shuffling through papers and running to the courthouse. Remote work and the rise in legal technology have certainly modernized a lawyer’s day-to-day activities, but that doesn’t mean those tasks are necessarily organized.

Lawyers have a lot to manage in a high-stress, high-performance environment. Often, this can lead to a system of organization that’s known only to the lawyer — billable hours written on sticky notes, case files interspersed with other papers, and deadlines tracked on a notepad. To avoid chaos, here are a few tips to have a more organized work life.

Organization for Lawyers: 6 Tips

Maintain an Organized Workspace

There’s no right or wrong way to set up an office or workspace, but it should work for you. That said, clutter can be a barrier to organization. Keep your desk tidy and free of clutter. Put away anything you’re not working on right now and gather loose documents and file them.

If your law firm relies on paper, consider the benefits of transitioning to a digital process. Lawyers have traditionally dealt with mass amounts of paper which can lead to disorganization and hinder productivity. Limiting the amount of paper you use in your day-to-day with a digital filing system will greatly improve the accessibility you have to the work you need.

Establish a Routine

While we all have the same amount of hours in the day, the way we use them directly impacts our productivity.

Highly productive people often start the day with a priority to-do list that reflects the tasks that absolutely must get done that day. The rest are tasks that you could do, if you have time, to get a jump on the next day’s work.

When you’re planning your routine, be sure to leave time to make calls and emails, take a break, and have lunch. Before signing off for the day, take a few minutes to create your priority to-do list for the next day.

Block Time

We’re more connected than ever before, which comes with the pressure to stay in touch with work colleagues, family, and friends at all times. Our devices can become a source of distraction instead of productivity at work.

This is where blocking time comes in handy. For some, using time blocks and a calendar is more effective than to-do lists. Use your calendar as a time-blocking tool and divide your day into different blocks of time, each with a specific task.

Improve Time Management

Lawyers often find themselves struggling to balance time spent on non-billable administrative tasks and their caseload.

Fortunately, legal project management tools can help with time management, time tracking, and overall organization, with project management features to manage your caseload along with time tracking and billing functionalities. The right platform allows you to separate time and expenses, add notes or related files, collaborate with colleagues, and set customizable notifications to ensure you’re focused on the highest-priority tasks.

Commit to Better Communication

One of the casualties of disorganization is a reduction in client satisfaction. This can be due to a decrease in the quality of service a lawyer provides because they’re so busy.

A simple way to combat this is by blocking time, but also leveraging modern technology to streamline your communication. Features like client portals are a way for clients to feel connected to your firm while also having on-demand access to the information they need.

Track Time in Real Time

When you’re shuffling between cases, it can be easy to lose track of your billable time. This is why it’s important to have resources that allow lawyers to work as they go without having to guess how many hours they spent on a client.

Neither overestimating nor underestimating billable hours is good for a law firm. If you overestimate your time, you could be in violation of the American Bar Association’s Rule 1.5 on billing and fees. If you underestimate your time, you’re leaving money on the table for valuable services you’ve provided to your client.

Tracking time in real-time is important for accuracy and your organization’s well-being. Time tracking tools allow you to set timers on your laptop, tablet, smartphone, or desktop.

Proper timekeeping not only helps you stay organized and bill accurately, but it helps you identify where you could improve your time management and productivity to get more accomplished in your day.

How Legal Technology Keeps Lawyers Organized

Law practice management software offers plenty of tools to help you stay organized. Time tracking, project management, and document management tools ensure you can organize files, plan your calendar and tasks, communicate with clients, and track time to improve your productivity from anywhere.

Organized Lawyers Are an Asset

Firms and clients realize the value of having modern processes to assist lawyers with staying on top of tasks and deadlines. It may not happen overnight, but taking steps toward better organization with tools like law practice management software will improve your efficiency and productivity.

This article was authored by Nina Lee of Bill4Time.

For more law office management news updates, click here to visit the National Law Review.

©2006-2022, BILL4TIME. ALL RIGHTS RESERVED.

Better Late than Never, Just About – UK Government Issues Workplace Guidance on Living with COVID

So with Covid 19 now officially behind us for all purposes (except actual reality, obviously), we have now been graced by the Government’s new “Living with Covid” guidance.  This was due to come into force on 1 April and was released fashionably late in the afternoon on, well, 1st April.  You could say with some justification that this did not give employers much time to prepare, but that is OK because on close review of the guidance there is in fact very little to prepare for.  As a steer to businesses, this is little short of directionless.

First, it makes the obvious point that the abolition of the requirement to give covid express consideration in workplace risk assessments does not take away any of the employer’s obligations to continue to comply with its health & safety, employment and equality duties (in the latter two cases, although unsaid, presumably as they may be affected by the former).

From there, the Government moves to normalise covid through a long list of symptoms common to it, colds, flu and other respiratory diseases – fair enough so far – but also to other quite unrelated conditions such as hangovers, migraines, food poisoning, being unfit, malaria and frankly just getting old (“unexplained tiredness, lack of energy”).  The list is significantly expanded from the traditional trio of continuous cough, fever, loss of taste and smell and now also includes muscle pain, diarrhoea, headache, loss of appetite and “feeling sick” (what, really?). Some medical practitioners say that this is long overdue recognition of all the things covid can do to you. However, it is still a wincingly unhappy expansion for employers, since the published list now essentially includes something from pretty much every ailment known to man. The guidance notes that it will not usually be possible to tell whether you have covid or something else from the symptoms alone and of course the free testing by which that could have been determined in the past is now largely withdrawn.  Therefore the guidance to individuals is that “if you have symptoms of a respiratory infection such as covid and you have a high temperature or you do not feel well enough to go to work, you are advised to try to stay at home and avoid contact with other people” and then “Try to work from home if you can.  If you are unable to work from home you should talk to your employer about options available to you”.  Given the rich panoply of symptoms now available to the discerning malingerer, justifying taking yourself home for five days while you work out whether your headache is covid or just a headache has never been so easy.

As a result, the burden is shifted squarely to employers to keep up the anti-covid fight, and in particular to decide whether to maintain restrictions on entry to their premises for those who are unvaccinated and/or untested.  Both will be increasingly difficult to sustain in view of the obvious official indifference to the question evidenced by the guidance, which focuses instead on the traditional measures of ventilation, regular cleaning of high-touch surfaces, provision of sanitiser and hygiene advice, etc. The other big hole in the guidance is as to the employer’s rights (or is it obligation?) to send someone home if they have one or more of that long list of potentially relevant symptoms, and even if the employee himself feels able to work and/or cannot work from home.  Nor does it deal with the employees’ sick pay rights in those cases.

Taking a reasonably hawkish view of those two questions:-

  1. If you know that the employee has symptoms which could well indicate that he is suffering from covid, and even if it could equally be something less serious, are you complying with your Health & Safety at Work Act duty to take all reasonably practicable steps to maintain a safe system of work if you allow him in anyway?  If he works in a sparsely –occupied well-ventilated area, perhaps yes, but otherwise probably not.  Given the virulence of Omicron, it is unarguably foreseeable that allowing someone who may have it to breathe wantonly on other people may lead to their contracting it too.  It is also clearly foreseeable, if no longer as much so as with the earlier covid variants, that those other people may become properly ill or die as a result.  Put mathematically, breach of duty + foreseeable risk of injury + causation + actual injury = liability.

So in my view, despite the vacuum in the new guidance, an employer not just can, but really should send home immediately an employee with any material case of the symptoms listed, as a minimum until it becomes clear that the real issue is something else (though not malaria – best not let them in either).

A firm stance on this will also help combat reluctance to return to the office among those staff concerned about the health risk of doing so.  If they or their cohabitants are particularly vulnerable, the knowledge that basically no precautions are being taken to ensure that those present in the workplace are all covid-free will only feed those anxieties.

  1. If the employee is sent home on these grounds and cannot work there, will he be entitled to full salary (as it was not by his choice) or sick pay only?  In many cases he will be back within a week and the two may be the same.  Where they are not, however, I believe that it would strictly be sick pay only – though the employee may himself be physically able to work, he is practically unable to do so by reason of his own possible medical condition, the risk it may pose to others in the workplace and the duty of the employer to take reasonable steps to head off that risk.  That said, there are employment relations arguments both ways on this – on the one hand, that the symptoms listed are so varied and transient that they represent an easy avenue for abuse, and on the other that if reporting them means you get packed off home on reduced pay (perhaps none until SSP kicks in on day 4), you are much less likely to report them in the first place and will probably prefer to pass your day posing an undeclared but potentially quite serious risk to your colleagues.

Article By David Whincup of Squire Patton Boggs (US) LLP

For more coronavirus legal news, click here to visit the National Law Review.

© Copyright 2022 Squire Patton Boggs (US) LLP

Four Tips to Retaining & Sustaining Your Team’s Motivation During COVID-19

It’s no surprise the novel COVID-19 pandemic is upending the lives of employees who are struggling to focus and stay engaged at work as fears of becoming unemployed or ill loom. As partners grapple with staff changes, juggling client and colleagues’ expectations and adjusting to a new work environment, now more than ever, they’ll need to step in and navigate the new reality of the workplace during this global crisis in order to maintain their employees’ morale. Here are a few ways to keep your team motivated and engaged during these unprecedented times:

  1. Celebrate the big and small wins: No small effort goes unnoticed. Try celebrating small wins, such as a successful call with a potential client, a project being finalized ahead of schedule, or brainstorming a creative idea that piques the client’s interest. Notify other team members as well so everyone can share in the celebration. The big wins almost always receive recognition but getting into the habit of showing appreciation for the small victories will keep staff optimistic and productive.
  2. Proactively assist with other projects: Being buried in projects makes employees feel overwhelmed, stressed and anxious. If you notice an assignment is taking them longer than usual, offer to support certain elements of the project or provide suggestions on how to streamline the process. Another helpful solution is extending deadlines and pulling in other team members that can contribute in a meaningful way. This not only fosters a sense of collaboration, but it creates a healthy manager-employee relationship that survives trying times.
  3. Conduct regular check-ins: With the simple touch of a button, you can connect with people in an instant via FaceTime, Zoom, or Skype. By scheduling and consistently checking-in with your colleagues every week, you allow them the opportunity to voice their concerns and strategize next steps without back and forth emails and text. It also allocates time for human interactions and closeness to help diminish feelings of isolation and loneliness.
  4. Laughter is the best medicine: Who says work must be boring? If you see an article that relates to your industry and it has an interesting or humorous angle, share it. Laughter is the best medicine in hard times and can serve as a stress reliever. Every time you come across something positive, routinely send it around as a “thought you might like this!” to solicit a laugh or two.

Every day presents new opportunities and new challenges. While there’s no clear answer as to when things will return to normal, here’s one thing employers should never forget: a community-driven experience always enables individuals to go the extra mile.

© 2020 Berbay Marketing & Public Relations
For more articles on the legal industry, visit the National Law Review Law Office Management section.

Leveraging Your Microsoft Assets in this Remote Access World

The COVID-19 pandemic has led to an enormous increase in remote work. Organizations without remote access capabilities have adapted and implemented new solutions, while organizations with existing solutions have been forced to evaluate new capacity requirements and scale their solutions accordingly. You may be surprised to learn that your existing Microsoft assets include functionalities for remote access, and you can get rid of redundant or more costly solutions. Your Microsoft subscription, license, operating system, software, service, etc. should all be reviewed in some capacity at this time.

“In recent years, Microsoft has made a multitude of investments and changes to its portfolio and offerings,” says Scott Riser, Director of Microsoft and Data Management Services at Plan B Technologies, Inc. (PBT). “Some of these changes are quickly noticed during renewals or annual reviews, such as Microsoft Server Operating Systems licensing. However, many changes have happened ‘in the background’ and could easily be missed by organizations,” Riser says. “Make sure you’re taking advantage of your existing Microsoft assets, and know your entitlements – especially now.”

Most of these changes go beyond the typical Microsoft portfolio of Office products and Operating Systems. Microsoft has placed significant focus in the areas of security, video and audio conferencing, VOIP, virtual desktop, artificial intelligence, and cloud computing. Many of these Microsoft assets, which are likely already in your organization, are gaining additional functionality for your remote workforce. This can be done with minimal management overhead and reduced implementation costs over competitive third parties. So how do you ensure that your organization is properly leveraging its current Microsoft assets?

Know What You Have

Leveraging Microsoft assets to the fullest starts with knowing what your organization has purchased, and to what it is entitled. This goes beyond Microsoft assets alone and a full inventory of software, services, and features within your environment should be performed sooner rather than later. This full evaluation serves three purposes. First is that of an internal audit to ensure your organization has the proper number of licenses for each product and to correct licensing infractions before you incur hefty true-up costs or additional licensing fees. The second purpose is educational, as it provides technical staff and administration an understanding of the entitlements each software or service provides. This is particularly valuable since Microsoft 365 cloud subscriptions now include licenses for some on-premise systems. The third purpose of this evaluation is to identify overlaps in features and functionality among products to lower costs, simplify management of the environment, and promote productivity.

Failure to perform a review of current entitlements can result in a significant overspend and an overly complicated environment that is more difficult to manage. For example, your organization could be using a third-party Multi-Factor Authentication (MFA) provider when an already purchased Microsoft subscription has MFA built in, or you may have purchased an MDM solution that overlaps with an existing entitlement to System Center and Windows Intune.

With information from these internal audits, organizations are better suited to make impactful decisions while controlling cost. Once your organization understands what it is entitled to within your existing environment, you must then determine situational awareness for future planning and sustainability. Items that should be included in planning for the future include (but are not limited to) security, management, user workflow and communication.

Secure the Environment

If your workforce is now remote, has your organizational data gone remote as well? Now that most organizations have been required to provide users with remote access, either through Virtual Desktop infrastructure (VDI), cloud-based applications or internet portals, the attack surface for exploitation by bad actors has never been larger. This puts organizations at greater risk of a security breach. Knowing this, Microsoft has invested billions of dollars to protect their product offerings and combat cyber criminals.

Microsoft now has a full portfolio of security offerings, and buildings full of teams dedicated to securing their services and platforms as well as assisting criminal investigations. User identity has become the new perimeter for data as organizations move to cloud-based technologies and a remote workforce. This has been the case for years as VPNs and firewalls have limited preventive impact when a bad actor has credentials to access them. Microsoft has been active in making user identity more secure with easily implemented tools and access policies while also integrating artificial intelligence and improved reporting. These products and features include Windows Hello, Azure Multifactor Authentication, Conditional Access, Credential Guard, and User Sign-in Risk Reporting/Alerting amongst others.

Identity of course is only one attack vector that can be exploited. Therefore, it is essential to secure end user devices and the infrastructure where data is located. Microsoft Defender and Advanced Threat Protection (ATP) is ideally suited to protect servers and end user devices when implemented properly. Plus, it’s included in many Microsoft 365 subscriptions.

“In the past, Defender has received a stigma of being unreliable and faulty,” says Scott Riser, “but Defender has since become one of the most reliable pieces of security software available today. Why? According to Microsoft, over 1 billion devices are currently running the Windows 10 operating system, providing trillions of telemetry data points to continuously improve all Microsoft security services. And as a result, Microsoft has the largest security footprint in the world.”

The data provided by Defender from these devices is reported to artificial intelligence algorithms as well as Microsoft security teams to patch security flaws and update anti-virus definitions at unparalleled levels in the industry. It is also important to note that Microsoft Server Operating systems utilize Defender and the Defender platform can be upgraded to Defender ATP software to enhance built-in capabilities and provide additional security for on-premise data.

With an increasingly remote workforce, many organizations have moved their data to Exchange Online, SharePoint Online, and OneDrive for Business. Microsoft has built-in security solutions for these platforms as well. Depending on the Microsoft subscription that you’ve purchased, Exchange Online Protection, Azure Information Protection, Microsoft Advanced Threat Protection and Azure Advanced Threat Protection, can all be utilized to secure data stored in these locations. Furthermore, Microsoft understands that some organizations require more control over their data and systems in Infrastructure as a Service solutions such as Azure and AWS. For this, a combination of Defender ATP and Azure Sentinel can provide real time analytics and automated responses for detected breaches based on custom workbooks in a pay-as-you-go model.

All these security measures protect against bad actors attempting to breach an organization’s data. This of course does not protect an organization from internal threats, such as disgruntled employees or the inevitable human error. Organizations must now secure data from exfiltration which is not as simple as preventing all data from leaving the organization. The problem is more nuanced. A full lockdown, though simpler, would prevent your organization from essential collaboration with its staff and clients. Failing to protect data internally may result in proprietary data inadvertently shared with a client, or competitor, or being lost entirely. In healthcare and financial services, it can result in a loss of personal identifiable data, or banking information, which carry hefty fines from regulatory bodies.

Microsoft Data Loss Prevention (DLP) is the solution to this issue. With DLP, custom policies can be defined by an organization to determine data that should not leave the organization. It can also remind a user to review data being sent as it could possibly be confidential. DLP continues to gain traction in Microsoft 365 settings as the need to protect cloud-based collaboration platforms such as Teams and OneDrive grows. DLP can also be implemented in some areas of on-premise infrastructure. Exchange has built-in DLP features that often go overlooked. Organizations tend to use Mimecast, Proofpoint, and other third-party vendors for these solutions while the built-in functionality remains unconfigured.

Device Management and Compliance

Another challenge of a remote workforce is the ability to maintain and manage devices, both corporate-owned and user-owned. Multiple organizations have made significant investments in System Center Configuration Manager (SCCM), only to find that policies and updates have not applied to end user devices unless they are on the network or connected via a VPN. Organizations can expand their SCCM environment to include cloud distribution and management points for devices that are not on-premise.  But this is not always an ideal solution as it requires additional infrastructure and configuration with SCCM. This has led to a rise in the use of Mobile Device Management and Mobile Application Management solutions such as Microsoft Intune. Through co-management, organizations can continue to utilize SCCM in conjunction with Intune for management of all devices regardless of corporate connectivity. This was further emphasized by the recent integration of the license offerings to provide Intune subscriptions for those with SCCM Client licensing and vice versa.

Collaboration and Communication

Securing and managing a remote work environment is important but ensuring users can communicate and collaborate on work that was previously performed in the office is one of, if not the biggest, challenges. Daily interactions between corporate users should be considered since the ability for face to face interaction through office meetings, business lunches, and other personal touches has significantly declined. These interactions are now being held through chat programs and conference calls. External communication is one of the primary reasons that Microsoft is still considered the industry leader for collaboration software with many companies utilizing the Microsoft Office suite.

A frequently overlooked solution included in your Microsoft 365 subscription is Microsoft Teams which provides instant messaging, document collaboration and audio/video teleconferencing. Furthermore, Microsoft Teams is integrated with and supported by other Microsoft products. It’s also governed by Advanced Threat Protection and Data Loss Prevention services to provide a more secure platform than its competitors with minimal (if any) additional investment. Microsoft Office can be customized based on the needs of the user and can easily be secured and managed when used in combination with other Microsoft offerings.

Getting the Results

Challenges continue to present themselves as users work remotely and organizations refine how they operate. With a vast majority of organizations utilizing Microsoft products in some way, it is important that entitlements are understood to reduce costs and complexities. Organizations can improve their return on investment (ROI) or make new investments once this is understood. Leveraging Microsoft service offerings can be optimized beyond the traditional use of Office products and Operating Systems, to provide a secure, managed, agile, and accessible environment for users regardless of their location. The result will be a streamlined, cost effective, collaborative environment that strengthens your organization’s bottom line.

© 2020 Plan B Technologies, Inc. All Rights Reserved.

For more on technological solutions for law firms and other industries, see the National Law Review Law Office Management section.