Recently, several of us joined the CMG “Leading in the Age of Remote Work” virtual roundtable discussion moderated by Anoush Najarian, Development Manager, MathWorks. Joining Anoush was CMG Managing Director, Amanda Hendley, Allan Friedman (Vice President of Business Development for MOST Technologies), Amy Tobey (Staff SRE and Developer Relations Lead at Blameless), and Donna Gallaher (Virtual Chief Information Security Officer). About half of the participants were already working remotely pre-COVID but are now adjusting to the challenge of working with entire organizations that are in uncharted territory.
In these challenging times, and with more remote work all around us, how have you noticed yourself leading differently? Or how have you seen others leading differently?
Donna Gallaher: I have applied a greater level of discipline. It’s more than preparing for video conferences, but also your goal setting and managing more self-imposed deadlines. You have to be much more deliberate in your work now.
Amy Tobey: We’ve had to change the way we do outreach. Before COVID-19, a lot of our outreach used to be via in-person conferences where I would go and talk directly with customers and prospects. We’ve had to shift to doing more online and I am doing more on twitter and with online webinars and panels. We’re also still experimenting with scaling communications so that we’re not forever hosting one-on-one Zoom sessions forever.
Anoush Najarian: I have noticed some leaders who are typically more reserved finding ways to be more visible. Whether it is Twitter feeds or podcasts or TV, we are able to see leaders starting to emerge. I see more virtual-video standups and organization-wide emails.
Amy Tobey – Leaders really have to put themselves out there more in remote-work situations. There isn’t the opportunity to run into someone in the elevator or hallway, so you have to find other ways to create interactions. Also, when a leader is having interactions, they need to be very conscious of the greater context of the situation and their communications.
Amanda Hendley – I think that one thing that gets lost with working remotely is the opportunity for collaborative working. It can be very beneficial to drop a very rigid agenda and to use the time to be creative and just engage in open discussion. I don’t have a name for it, but I get a lot from collaborative sessions using a web conferencing tool and shared document. I’d encourage you to consider incorporating non-agenda meetings into your repertoire.
Anoush Najarian – That is an interesting concept to me as a performance person who is very aware of the amount of time that meetings are taking in a person’s day.
Amy Tobey: Neuroscience and psychology back up the concept, however. Free “jam time” can be healthy and be a different way to connect with our co-workers.
As most organizations are finding themselves 100% remote, how has that impacted your work?
Amy Tobey: I have primarily been working remotely on and off for the last 15 years. Since taking on this role, I’ve been remote 2-3 days a week. The company has quickly adjusted to working 100% remote since we already had this remote component in place.
Allan Friedman: I’ve been working remotely for much of my career so there hasn’t been a big shift for me. I do expect one outcome we will see is that certain assumptions that people need to be together for certain things are proving to be myths. We’re going to move away from valuing everyone under one roof and that we need a lot of real estate to house them.
Anoush Najarian: My organization believes in having people in the office to work collaboratively but I’ve done a lot of volunteer work outside of that work. I’m much more conscious of connecting with others that are isolated and outside of the office.
What are the most difficult challenges that leaders are facing today?
Amanda Hendley: I had the opportunity to talk recently with some executives who were talking about the challenges they were facing. There were some big challenges they faced including the lack of capabilities and policies to support remote work. They also expressed that their employees were struggling with discipline on top of the added challenge of now working from home with their spouses and children.
Amy Tobey: In addition to working remotely, there is also a great deal of external stress happening as well. It is draining at a base level. Similar to Spoon Theory, the disability metaphor used to explain the reduced amount of mental and physical energy available for activities of living and productive tasks that may result from disability or chronic illness. It’s very similar to the cognitive capacity you have left after you wake up in the morning and get dressed. On top of that, you have the worry about COVID-19, and your community, and your families. And so the amount of performance that we can expect from people is lower. And so I hope that people are adjusting their expectations as well as looking for ways to implement accountability in a fair and safe way.
Donna Gallaher: From a security perspective, it is much more difficult to secure a remote workforce. You don’t have the visibility of people’s home networks and you don’t know if they are patching their systems or updating their tools. I actually have a client right now that has an interesting challenge. It’s not something you would think of as a general worker, but a security team has to manage the workforce and work to reduce risk. Proper cyber hygiene is a real challenge. It’s a risk management exercise with a lot of hard decisions right now.
Are you working to create some best practices or security frameworks that may help companies now or with future remote work situations?
Donna: I have multiple customers and I can tell you a little bit about their security practices. For me, I make sure to segregate their environments by using an assigned device or a specific tool set for a specific project. For the companies that I advise, I encourage the use of VPNs and patching. Patching is the equivalent of washing your hands for sure.
Amy Tobey: We’re moving to serverless environments. This is an increasingly common solution and it enables me to get most of my work done with Slack and Chrome. The remaining work can be done with a VPN for accessing the developer environment.
Allan Friedman: We were already set up for working securely so there are no major changes we can anticipate. It has been interesting, however, incorporating Zoom into a local club that I am a member of. We’ve been able to get it up and running but now we have to address the security issues of the tool.
Amy Tobey: There’s a really important discussion going on about Zoom right now because of what you mentioned. The phishing issue is a real issue for companies that are using these tools to share sensitive information.
Amanda: Yes, one of the things that is interesting is that there is such a need for teleconferencing solutions that there is not an emphasis on the security of the systems. When we come out of this, I wonder if companies will start to be concerned about how and where their data was shared during this time. Will COVID-19 emails be replaced with emails alerting you that your data may have been compromised?
Donna Gallaher: Well, that is already a challenge. Privacy breaches are already increasing. For example, I signed up for a webinar with the SBA and in one particular email announcement, they revealed the addresses of all 200 people on the call.
Amy Tobey: I also saw a real-world case of that on Twitter the other day. I don’t remember where it was, but the owner of a number of apartment buildings emailed all of their tenants and used CC instead of a BCC. The tenants actually started using the email chain to communicate with each other. It sounds like the owner might be looking at some serious financial troubles because now the tenants are organized together.
What is the difference between safety and control over employees versus security measures?
Amy Tobey: It is like what Donna was talking about. It is a tradeoff between protecting a company’s assets and having people work remotely. They need the certificate refresh but you also want your employees to be safe and not transition to work too soon.
Donna Gallaher: At the end of the day, I think that a company would rather have their employees be safe. As far as security measures, acting as a CEO, I would be trying to put controls in place where I can limit employee access. You generally want to limit what the users can do to just what is applicable to their job role. You wouldn’t want to give local admin rights to your people, for instance. Or, if someone needs admin rights sometimes, they might have an admin account for those activities and a user account for general activities.
Amy Tobey: There is an emerging trend on the tech scene where we give more autonomy to employees to build trust. This includes allowing employees to install programs on their workstations. The idea is that it creates organizational resilience through happier employees who are more committed to the organization and its policies.
Donna Gallaher: If the organization focuses on the welfare and happiness of its employees, and they’re paying them well, and they’ve created a good environment for them they are going to be less likely to do something malicious to the organization. At the same time, people can get stressed and there are other factors. I’m always going to be the person lobbying to make it more strict. You’re a good counterbalance to me, Amy, of showing the benefits of the other side of the spectrum.
Amy Tobey: For leaders, if you don’t already have them, schedule more frequent one-on-ones with your people. That’s where you’re going to find out how people are doing but also you’re giving them a gift of listening and being able to hear what’s going on in their lives and it’ll create a greater degree of trust. You’ll start to get a better idea of what they’re doing with their time and that accountability that I think a lot of leaders want.
Allan Friedman: Necessity is the mother of invention and I think that we will come out of this with stronger on the other side.
Donna Gallaher: Please, please everybody learn how to go out and patch all of your devices. From a leadership perspective, reach out and make sure that everyone has the resources they need and are not having trouble with security-related issues.