Lithe Chief Executive Officer – Anthony Murphy.
The overwhelming majority of UK senior business leaders and the public believe people will not return to offices in the same numbers as before the pandemic, reports a BBC-sponsored survey by YouGov, published on 16th September 2021.
This news echoes the message of many other surveys – hybrid working is here to stay. What’s more remarkable, but less often discussed, are the risks hybrid working introduces for organizations.
At Lithe we have chosen to embrace hybrid working as a new norm because we believe the benefits to our team, our clients and the environment are too important to overlook. Similar choices are increasingly widespread, with more and more organizations announcing hybrid as their future way of working. But how many have considered the many hidden risks of hybrid working and put an effective mitigation plan in place to avoid them?
This blog focuses on one specific risk – we call it the document problem of hybrid workers. I will outline the issue, expose the weaknesses of solutions some organizations choose, and propose a technology specifically designed for this document automation problem – Lithe Digital Documents.
It is common for organizations to have contractual obligations with customers and suppliers specifying where data will be stored and who can view it. Hybrid working creates new challenges to continued compliance with these agreements because it creates new challenges to document and data security.
Hybrid companies need an effective strategy to meet their compliance obligations when business processes must reach out to their home worker’s desktop, laptop, tablet, or mobile device.
Consider physical paper documents. It is not feasible to permit workers to transport paper home in their bags or backpacks as they move from a day in the office to one at home. The risk of leaving confidential or sensitive information on a train, tube/subway, tram, or bus is too high and the cost potentially catastrophic.
GDPR and similar regulations have heightened senior management attention to the importance of data protection and document control. In the UK alone, the penalty for infringement can be as large as £17.5 million or 4% of annual global turnover – whichever is greater – and multiple countries now have similar large penalties for lack of careful document and data handling.
A risk review will confirm there is only one viable solution to the problem. Every document must be digitized within the company’s boundaries before then being sent securely to staff. Sending the physical document to staff creates risk of loss, duplication, tampering, etc. that digitization can simply remove (more on this later). Better to avoid or restrict the situations where physical access is granted and, where it’s needed, to automatically record that physical delivery was requested and made, when and by whom.
Not 80% or 95%, but every document needs to be digitized. To continue with paper in any process is just too high a risk. And don’t forget, even documents that are ‘born digital’ are often printed on paper and transported in that format, exacerbating the paper document problem.
Email is not the answer
If we assume the problem of physical documents is solved, with all documents being digitized (and kept in digital form) within the company boundaries, has the risk been effectively managed? Unfortunately, the answer is no.
Many digitization projects decide the solution is to scan documents and distribute via email, claiming victory over the compliance problem. But email is rarely the answer to any compliance problem, and certainly is not here.
Email is an ineffective solution because it gives too much ungoverned power to individuals, makes compliance tracking costly and expensive, and severely weakens document and data security.
Misdirected email and attachments are the biggest risk to data security – ask your Chief Information Security Officer (CISO). Over 90% of organizations have suffered email data breaches in the last 12 months, with 80% of breaches caused by email reaching the wrong recipient or attaching the wrong file. Hybrid working increases this risk because highly distributed teams resort to email even more than previously.
Amazingly, despite this, email is the most common mechanism used to share electronic documents between workers. Before you know it there are multiple copies of the same document across multiple teams, without version control and audit tracking. You need a forensic team to uncover who has copies and which people have accessed the document. Alongside the already high risk of accidental security breaches, the risk of intentional fraud also increases.
Most companies have removed the opportunity to send a document to personal addresses ending in Hotmail.com or iCloud.com, for example, but not all. Even when personal addresses are prohibited there is still the risk of someone sending an email to a valid business address but reaching the wrong person or sending the wrong documents, perhaps outside your Company.
Unsurprisingly, email is not the solution – the financial and reputational risk is simply too large to allow it.
A delivery system is required which can route documents to only the correct people, record a full audit history of all interactions with a document, ensure there is only one copy and ensure documents cannot be accidentally sent outside the business boundaries. This system needs to be available to the worker in the office and at home or while traveling so they can work seamlessly between locations, maintaining peak efficiency while removing the security and compliance risks.
Content management to the rescue?
Many of the problems with email are alleviated with an effective content management solution such as SharePoint. Documents can be stored in a team folder with links being shared to colleagues providing the tools to put some effective controls in place.
But the trouble with content management systems such as SharePoint is that they allow people to download copies of documents, attach physical copies in email rather than just links, and do not restrict the number of locations where a document is stored. Email creeps in and remains in practice a key component of all content management systems, allowing the bad behaviours and consequent risks we’ve discussed to remain unmanaged.
Content management solutions are notoriously difficult to implement and maintain, rarely meeting the goals of project teams and taking too long to implement and change. Designed for an internal office environment they are not an effective solution for hybrid teams of at-home, in-office and travelling workers. Even if you could lock these systems down, the effort, cost and time to compliance is just too high.
The switch to remote working as a core component of working life happened suddenly due to the COVID pandemic, and new security risks immediately followed. Every day that passes is another day of unmitigated risk. Solutions are needed which can be deployed and used within days, not after an 18-month project.
A custom-designed solution, ready to be used today, which was designed from day one with compliance in mind is the only way to solve the problems I have outlined.
Digital Documents is the solution
Lithe Digital Documents was designed to support organizations with distributed workers where physical and/or digitized documents are key to business processes. The pandemic has vastly increased the number of companies that need to solve this problem. To reduce business risk, these companies need a solution urgently.
Digital Documents allows you to:
Hybrid working had been a growing trend but has quickly become simply “how we work” at most organizations. It’s time to change how automation supports the new world of work.
We’re genuinely interested to hear your hybrid working challenges and to help you address them. So please contact us for a discussion or to request a demonstration of Lithe Digital Documents.