Reinventing the Workplace Without a Net
The COVID-19 pandemic has upended the lives of billions of people through illness, job loss, and radical lifestyle changes. At the same time, this crisis is forcing millions of companies into unfamiliar, treacherous territory. Most companies won’t emerge from this era unchanged, while others simply won’t emerge.
This global medical and economic disaster created sudden, imposing hurdles for Infosys and tested our ability to be agile and resilient, attributes we’ve promoted relentlessly to clients. With more than 240,000 employees, many working in large offices, Infosys was not structured to easily adopt government social distancing mandates. However, the company does have the knowledge and skills needed to reinvent its approach while simultaneously doing the same for clients worldwide.
In just three weeks after Infosys started closing offices, more than 90% of employees were working from home. That figure has now topped 95%. There was no opportunity for weeks or months of stress testing; the new approach just had to work right away.
“In the four decades of our operations, we’ve had occasion to fine-tune our plans for employee safety and business continuity over several crisis situations,” said U.B. Pravin Rao, Infosys chief operating officer. “And that has taught us invaluable lessons.”
In the past, Infosys executives have scrambled to transport their employees out of Fukushima, Japan, following the nuclear disaster there and out of Houston ahead of Hurricane Rita. Infosys didn’t start from scratch with this crisis, but there were still many lessons to be learned. The threat of a pandemic wasn’t on most companies’ radar as recently as last year. A World Economic Forum survey in 2019 found that fewer than 10% of business leaders from G20 and OECD countries thought of infectious disease as a “looming global risk.”
Infosys’ Bangalore headquarters, with its iconic pyramid studio, is a showplace. Thousands work there, and it attracts business executives from around the world. At any other time, the campus would be a valuable asset to its workforce. But when governments order people to distance from each other and that workers stay at home, a grand headquarters loses some of its immediate benefit.
That’s what happened this spring as coronavirus infections and deaths accelerated. The rising fear about the COVID-19 epidemic, which wasn’t yet classified as a pandemic, forced Infosys to take what initial actions were available.
Fingerprint scanners were disabled at offices worldwide. Biometric security was suddenly a health risk; employees needed to touch fewer surfaces, not more. Most business travel was halted, and cleaning routines became more rigorous. Communication was frequent and included briefings from medical professionals and advice from local health authorities and the World Health Organization.
Ultimately, these precautions were not enough. The government of India issued a lockdown order, as did local, state, and national governments where dozens of Infosys offices are located. In the space of days, most Infosys workers were sent home with no return date certain.
For some employees, the transition was seamless. Many road warrior consultants and executives, who crisscross countries and circle the globe, rarely see an Infosys-owned desk. Remote work for them is just simply work.
But a large-scale workplace transfer wasn’t that simple for most Infosys employees. They worked on desktop computers at their offices every day. Others who perform sensitive work for clients were anchored to segregated wings. Working from a hotel room, a Starbucks, or a spare bedroom was never an option. Until March.
The mass migration of workers happened quickly but not easily. The first, and slightly simpler, hurdle was hardware. Employees needed equipment, whether it was a laptop or a work desktop transferred to their homes. Or in some cases, employees could use personal equipment or devices.
Once these newly remote workers had computers — or suitable devices — they needed connectivity. Infosys worked with its staff to ensure they had internet service at speeds high enough to accomplish their work. The company also had to make sure its VPN bandwidth had enough capacity as these new connections came online.
To ensure clients’ work wasn’t interrupted, executives also had to quickly evaluate different remote connectivity models to find the best fit for each client and each circumstance. Employees can use Infosys machines to connect to client offshore delivery centers via VPN, or they can connect directly to the client network. Using personal computers, employees can work through Windows Virtual Desktops or through iConnect virtual desktops and applications.
Preparing employees for work was only the start. COVID-19 has created privacy and security concerns in cyberspace as well as in the physical world.
Once work moved out of Infosys offices, security was far more challenging but no less important. Inside the offices, the Wi-Fi is locked down tightly with security as its number one priority. Outside, the internet is more like a wilderness, a mixture of wonders and dangers.
With nearly 225,000 employees working from home, cybercriminals have more targets than ever before. Social engineering attacks have increased by more than 400%, most of them using COVID-19 as a hook, according to Gartner. Immediate action was needed since Infosys often works with sensitive information, which ranges from customer data to systems that control critical infrastructure.
Automated monitoring systems were less helpful in this new world. The algorithms look for unusual activity from multiple angles, including resources accessed and time of day. New work patterns created so many false positives that it sapped the monitoring system’s effectiveness. New rules and use cases were created to adjust to what is and isn’t expected.
Employees also accelerated software patching efforts, particularly for critical systems. New cloud systems were monitored closely for misconfigurations, a risk when work is hurried that creates a potential opening for attacks. The current mobile application management and mobile device management model were expanded to include employees’ personal computers. However, that approach was designed to keep a strong separation between their personal and business use (privacy is also a factor that must be observed).
None of those strategies would be possible without updated tools and infrastructure. Infosys invested in multifactor authentication, conditional access, VPN, terminal access, an endpoint protection platform, endpoint detection and response, data leakage prevention, and hardened builds. Servers, networks, and endpoints can all be actively and remotely managed, providing visibility into all parts of the IT infrastructure.
Even with all those cracks sealed, there is still one factor that can’t be automated. Nearly half of data breaches are caused by human error. Infosys is continually educating its employees about cybersecurity and best practices for avoiding attacks, particularly in this new environment. Surveys have shown that remote workers are often less diligent about security when it interferes with productivity.
The new workplace
It has been weeks since COVID-19 was finally classified as a pandemic. In that brief time, Infosys and other companies have gained a level of expertise in reinventing their workplaces that normally would have taken years. No one is certain which of these are temporary adjustments and which are permanent changes. But there is a consensus that many more people will be working from home in the future.
That new landscape provides potential productivity benefits for employers: studies have often found that some degree of working from home boosts output. There are time savings for workers with long commutes and a degree of flexibility they wouldn’t have in the office.
The benefits can also be calculated in other ways. For a case study, Stanford University professor Nicholas Bloom convinced a Chinese travel agency owner to give all his employees the ability to work from home. That saved the firm $2,000 per employee by cutting down on office space in addition to increased productivity. A research report from Global Network Analytics places the average savings for a half-time telecommuter at $11,000 annually for the employer.
Those kinds of changes — at the massive scale we anticipate — will be transformative outside the corporate world. The cleaner air we see now as the result of widespread industry shutdowns and a lack of travel won’t last, even as U.K. website Carbon Brief calculated that COVID-19 is likely to trigger the largest-ever annual decrease in carbon dioxide emissions. However, more modest environmental benefits will certainly flow from this new approach to work.
Global Network Analytics calculated that if people who wanted to work from home and were able did so just half the time, it would take 54 million tons of emissions out of the air each year. Removing cars from the roads will help with greenhouse gas emissions and air pollution. Smaller offices will lower a region’s carbon footprint. Offices will use less electricity, although some of that will be offset by increased consumption at home.
These changes could also diversify the workplace, providing more opportunities for women with young children to enter the job market. Even though gender equality has grown, women are still responsible for a larger percentage of child care.
There is no upside to a pandemic, but there are opportunities for companies and societies to emerge in a better state.
The global spread of COVID-19 has tested the resilience of almost everyone: the families locked down in their homes, medical systems bracing for the worst-case scenario, and corporations reinventing their workplaces on the fly.
At Infosys, the pandemic stretched capacities and challenged operating models. Although the company has prized business continuity, the coronavirus has demanded a degree of speed, surefootedness, and empathy like never before.
This crisis is far from over. The death rates haven’t yet peaked in some places, and medical experts say some degree of social distancing might still be needed until 2022. Still, Infosys is emerging from this first round with confidence in the company and in its people. The crisis has forced us to be both flexible and strong, to bend but never break.