Keep calm and carry on... at home

In just 46 days time, the world’s greatest sporting event arrives in London. But rather than wishing away the days like children before Christmas, businesses across the capital are losing sleep over the potential for widespread disruption.

London & Partners – the capital’s official promoter – estimates that the number of visitors staying in London during the 2012 Games will be in the region of 881,000 people. In addition, a massive 5.5 million day visitors are expected to descend on the capital from across Europe.

These extra numbers will place unwanted pressure on a transportation network already at breaking point. Anyone who works in London will be able to tell you just how much the network currently struggles during peak times, and how they are dreading the prospect of having millions of extra people to contend with.

A recent survey conducted by the London Assembly’s Transport Committee found that 80% of travellers regularly have to endure overcrowding on the tube, with over half unable to board the first train at the station. Above ground the situation isn’t much better, with the Mayor of London’s office conceding earlier this year that the cost of congestion on the city’s roads is close to £2 billion a year.

Understandably then, London-based businesses are concerned about the affect an influx of sporting enthusiasts will have on their intrepid employees, with Transport for London (TfL) recommending that businesses be more flexible and allow home-working to ease congestion during the Olympics. A snap poll conducted by the Federation of Small Businesses in April revealed that 17% of their London-based members will allow employees to work from home, with 28% willing to accommodate flexible working hours. Should the expected travel disruption ensue then it is likely this figure could dramatically increase during the games themselves.

Recent risks such bird flu, swine flu, fuel and transport strikes and extreme weather events have given businesses cause to explore the possibilities of enabling their employees to work from home. Facing their biggest logistical challenge in over a decade, it can only be expected that many more will start doing the same.

According to Stephen Bonner, Information Security Partner at KPMG Risk Consulting, during this summer’s Olympics “more people are going to work from home than ever before, and a lot of the companies that haven’t taken part in it before, will be doing so for the first time”. As businesses move towards flexible working for the first time, risk managers need to ensure that they have procedures and processes in place to facilitate ‘hot desking’ while also offering maximum security to the business and its data.

Of course, not all businesses are able to simply keep calm and allow employees to work from home. Colin Barker, Group Risk Manager at Bayer told StrategicRISK that at least one of their suppliers plans to close its entire operation during the Games as it anticipates staff travel issues over the period.

The ability of internet providers to accommodate a surge in extra outage capacity has been questioned but providers remain confident the system can handle this increase. According to a Virgin Media spokesman “we’re prepared for growth in traffic on our network, including increases during the day as more people may choose to work from home or watch more content online during the games.”

Digital providers argue that the volume of business data likely to be transferred during the games is tiny compared to the regular total volume of movies, music and photos being sent around by users on a daily basis. Yet Bonner foresees problems occurring “for those living in or around the recognised hotspots for crowds during this summer’s Games who may find their wireless broadband services disrupted due to congestion”. Also, capacity isn’t the only threat to provider networks, and organisations should have back-up plans in place in the event of accidents or cable failures.

Risk managers should also focus their attention on ensuring that their organisation is prepared for the number of employees choosing to work from home during the Games. Bonner suggests ‘dry runs’ should be performed to ensure that virtual private networks (VPNs) are capable of accommodating the surge in usage brought about by multiple employees working from home during the games. However, according to a recent KPMG Risk Consulting survey completed by 1,400 Londoners, only 7% said their companies were doing this on a daily basis.

The greatest threat for an organisation allowing its employees to work from home is the security of its data. VPNs are perfect for running corporate data across a public network without exposure, but as employees at MI5 have found in the past, the most secure network in the world will not be able to protect you from losing a laptop on a train or in the back of a taxi.

And it’s not just laptops. In the KPMG survey, nearly a third (32%) of respondents stated that it was their intention to either print documents to take home, download data onto a USB stick, or email work to their personal email account. Hardcopy documents or files contained on USB sticks are liable to be lost in transit, while emailing work home means copies of files and documents will not only sit on work systems, but also those of the email provider and employee, which may also be exposed to multiple users and therefore viruses. The results were all the more alarming given the fact that 31% of respondents said that they had received no security or best practice advice from their employers with regard to handling hard or soft documentation.

One other major factor involved in the security of an organisation’s data is the equipment on which it is held. Personal devices need to be configured or ‘made safe’ by IT departments, and this is a regular practice for businesses used to flexible workers, or simply because their personal device is preferable to the office equipment. But employees who become stranded if the network is gridlocked will have unprepared machines with weaker security controls and are notoriously harder for companies to police. Personal devices are less likely to be encrypted and tend to have out-of-date security software. And data, once stored on a personal computer is near-impossible to monitor and/or have deleted if and when the employee leaves the organisation at a later date.

If not addressed, the operational and security risks involved in allowing home-working during this summer’s Olympics are huge. But with six weeks to go, businesses still have plenty of time to carry out the steps required to mitigate these. Bonner makes the point that: “For most organisations there’s real value in doing this for the flexibility it provides – there’s a very strong return on investment. Particularly on the bring-your-own-device-type capabilities where they can connect from their own devices but safely, they’ll tend to work longer hours and do more work but feel happier about it.”

Providing for home-working shouldn’t be viewed simply as a short-term solution for the Olympics, but as a means of making organisations more productive, more flexible, and better prepared to avoid any future business interruption issues.