When you’re starting to drown between employee concerns, payroll duties and helping your CEO -- HR Insider is there to help get the logistical work out of the way.
Need a policy because of a recent regulatory change? We’ve got it for you. Need some quick training on a specific HR topic? We’ve got it for you. HR Insider provides the resources you need to craft, implement and monitor policies with confidence. Our team of experts (which includes lawyers, analysts and HR professionals) keep track of complex legislation, pending changes, new interpretations and evolving case law to provide you with the policies and procedures to keep you ahead of problems. FIND OUT MORE...
Work from home – does the employer have to provide equipment?
Ask the ExpertCategory: QuestionsWork from home – does the employer have to provide equipment?
hri_Admin asked 4 years ago
If an employer is shifting to a work from home program, does the employer have to provide those employees with the equipment (wifi, laptop)? We are a not-for-profit with tight budgets. Only half our staff have work laptops and work cellphones. Our IT department has provided staff with instructions on how to log in to the network remotely and are asking employees (who don’t have organization assigned equipment) to use their own personal computers and devices when working from home. when employee asked if we will be paying for part of their cell phone and Internet bill. This was not something we were planning to do. What issues do we need to be mindful of?
2 Answers
Glenn Demby answered 4 years ago
Many employers have BYOD (bring your own device) policies requiring employees to use their own laptops, including backups. The downside, in addition to cost to employee, is integrating their devices into your own systems. Of course, there are also privacy and security issues involved. Another option is to give employees a stipend to buy the devices they need. Of course, if you can't afford that, it's not going to do much good. The other option is to let the employees bring their office computer homes, assuming all employees have computers at work. At end of the day, the equipment arrangements for remote work are a matter of business and budget rather than law, as long as all employees are treated fairly and consistently. In other words, there's no law I know of that requires employers to pay for employees home-use laptops. Hope that helps. Apologize for delay. Glenn
Glenn Demby answered 4 years ago
Your Q inspired me to write the following article, which will soon be posted to the site. Sorry I didn't do it a week sooner. Like so many employers, you may be scrambling to set up a virtual private network (VPN) or other system enabling your employees to work from home during the coronavirus (COVID-19) crisis. Here’s a quick look at the 4 data and cybersecurity risks you need to incorporate into your planning. 1. Remote Access Risks The first thing your system needs to do is provide employees remote access. If COVID-19 caught you off guard and without a pandemic plan in place, you may feel pressured into implementing “band aid” solutions that enable remote access by compromising security, like use of remote desktop protocol over the internet. Bottom Line: While you can compromise a little on remote access security, require access through a VPN and provide for multi-factor authentication. 2. Confidential Data Leakage Risks Take steps to keep all data classified as non-public on your organization’s systems, which may include:
  • Giving employees computers and other hardware to take home or via secure remote access technology;
  • Letting employees use their own laptops or hardware in accordance with the rules set out in a bring your own device (BYOD) policy [click here to find out how to create a BYOD policy]; and hyperlink to related article uploaded separately
  • Implementing strict policies on printing confidential business documents or holding confidential business conversations at home.
3. Credential Risks As part of your COVID-19 response, you may need to issue new credentials to new classes workers. In addition to providing clear instructions and policies for password use, you can use multi-factor authentication to reduce credential handling risks. You should also consider reminding employees about phishing risks in the event that, as some have suggested, the widespread creation of telecommuting systems increases vulnerabilities and increases in phishing attacks. 4. Incident Response Risks Chances are that dispersion of employees and absences of key personnel will test your incident response plan. Key questions to consider:
  • Which IT staff member is responsible for coming to the work site if necessary for incident response?
  • How soon can that person get to the site?
  • Who will stand in if the designated staffer has COVID-19 or is otherwise unavailable?