WFH Best Practices: How to Maintain Productivity and Security

WFH Best Practices How to Maintain Productivity and Security Long-Term


After a year of WFH, most business leaders have firmly established their stance on the practice. Jack Dorsey, CEO of Twitter (and Square), told his employees in a May 2020 email that they could WFH forever. While Netflix employees remain WFH as a safety precaution, CEO Reed Hastings called the arrangement “a pure negative.”

But Hastings’ opposition is unique, at least among brand-name US companies. Facebook, Zillow, Twitter, REI, and Mastercard responded to the pandemic by announcing indefinitely-extended or even permanent WFH policies. Airbnb. Indeed, Shopify, Uber, and Box provided their employees with stipends for new home office equipment.

As COVID-19 vaccines become more widely available, returning your entire workforce to the office will be feasible. At that point, the question becomes: do you want to?

If your organization intends to keep some level of WFH as an option beyond the pandemic’s end, you’ll need to create a sound policy around it. To keep things simple, we recommend crafting one with two objectives in mind: Productivity and Security.

When our clients rolled out new WFH policies last year in response to social-distancing measures, they made relatively minor investments that aligned with these objectives.

Below we outline how our most successful clients maintained productivity and security throughout a full year of WFH:


Keeping Your Team Productive

Staying productive in the WFH environment boils down to three key components:

  • Cloud Platform. Connecting to physical servers at your office is inefficient and unnecessarily complex. One effective technology setup is for your team to use company-owned (and centrally managed) laptops to log into cloud applications like Office 365, iManage cloud, and QuickBooks online. Another is to use a Virtual Desktop platform (VDI, Desktop-as-a-Service) that allows your team to log into their “desktop,” complete with all data and applications, from any workstation or mobile device.
  • Reliable Internet. Of course, accessing these cloud platforms requires stable and fast internet. Consider providing your employees with a stipend for this level of access Benefits like this are likely to build goodwill, since enhanced internet access also makes at-home learning easier for employees’ kids.
  • Furniture and Equipment. Many a WFH employee has come to miss their currently vacant cubicle because the dining room table is a poor substitute. Studies have shown that using ergonomic work furniture can increase productivity by almost 18%. If your employees are going to be WFH long-term, consider offering a stipend or reimbursement for comfortable chairs, keyboards, mice, and monitors for their home setup.

Keeping Your Network Secure

WFH posed a unique challenge to our clients’ network security, as well as to their data. We always remind them that when you permit WFH, your employee’s home network become extension of your own. And in April 2020, BitSight found that 45% of home networks were already infected with malware.

A solid cybersecurity defense employs the following:

  • Advanced Endpoint Protection. Implement this on all devices with access to your corporate data. Traditional anti-virus only recognizes malware that is known and defined. Next-Gen protection uses AI to flag any unusual behavior, kill the process, and possibly alert a Security Operations Center (SOC) to intervene.
  • Multi-Factor Authentication (MFA). Stolen credentials were implicated in 80% of hacks that resulted in data breaches. Strong passwords are still important, but MFA makes it much harder for unauthorized users to gain access to your system even if they obtain a valid password.
  • Backup and recovery for all cloud applications. Most popular cloud applications (like Microsoft 365) include a built-in backup feature, but with limited capacity. In the event of a catastrophic system failure or a ransomware attack, data loss could be substantial. Our clients enjoy peace of mind through supplemental cloud back-up services that we manage.
  • Continuous Education. Criminals are always polishing their social engineering and phishing techniques (like those we explore here). In addition to annual security training sessions, make sure you are consistently putting out security reminders and tips, performing phishing simulation tests, and keeping security top-of-mind year-round.

All told, if you are going to incorporate WFH into your long-term business strategy, it’s important to make sure your technology environment and your policies are designed to keep your employees productive and your network safe.

From there, enjoy the worry-free flexibility of working from your home, your office, a client site, a coffee shop, or picnic table!

More Insights