How to Design Better Policies for Mobile Workers (Contributed)

To make this group of government workers more productive, they need access to consumer technologies, but with the right parameters, such as operational intelligence, to ensure success at every level.

by Steve Fallin / January 14, 2020

State and local governments have an enormous responsibility to be good stewards of our tax dollars. Naturally, the big question for many government agencies becomes “How do we choose smart and cost-effective tools for our employees, while balancing our responsibilities and regulations?”

The best advice I can give in this situation is to jump on the consumer wave of technological evolution. When it comes time to deploy hardware and software to employees, lean towards devices and applications that are readily available in the consumer market. There are two compelling reasons why this makes sense. 

The first is competition. The consumer marketplace works to our advantage because it drives technological advancement while keeping pressure on price. Leveraging consumer products allows agencies to harness the inherently rapid cycle of product iteration and evolution.

The second reason is user satisfaction. Agencies that lock themselves into a closed or heavily locked-down technological ecosystem run the real risk of encouraging shadow IT. Since users tend to satisfy their own needs, taking the consumer route to hardware and software deployment can help keep users from actively looking for workarounds. When it comes to supporting and protecting users, the balancing act requires finding a way to maintain security and accountability by passively seeing and controlling devices, applications and data without interfering with productivity.

FirstNet, a private-public entity for first responder communications, relies significantly on consumer technologies. It works with device manufacturers to offer a range of smartphones, tablets and laptops and has a catalog of curated and vetted applications ready to download and install. But users still have the freedom to choose applications for their devices directly from independent sources, giving first responders the autonomy to select best-of-breed tools for their use case.

Using Operational Intelligence

Does operational intelligence (OI) have a role? Absolutely. In this context, OI refers to the tools and processes that the IT department uses to monitor and manage traffic from worker mobile devices. It’s often most helpful to consider the benefits of OI with a consumer mindset. The IT team should evaluate data from environments and people as well as applications, devices and networks to help make judgements for the entire organization. My advice is to drive operational intelligence based on the needs of the humans. At the end of the day, the IT team will be a lot more successful if it adapts the technology to the prevailing employee workflows rather than making workflows fit the technology. 

Because of this human element, there are a lot of “soft” data points that need to be included in any OI program, such as “Are workers getting their jobs done?” “Are they complaining?” “Are help desk tickets increasing or decreasing, and why?”

The IT team should focus first on what its user base needs and wants. This process can be done informally or through formal channels such as surveys and feedback loops. The first step is to learn as much as you can about employee workflows and find out what problems really need to be solved. Once these basics have been established, the next step is to build consensus around a possible solution before any major deployment decisions are made. Throughout this process, the IT team can passively gather usage and security-related data in a way that helps to test its assumptions without unduly restricting the employees’ actions.

If we view the IT organization as a customer service-oriented business rather than a technology-shepherding organization, then we can start to shift the way we look at solving problems. In this scenario, the IT team’s mission is to enable the success of its organization’s mobile workers, rather than being the gatekeeper.

For example, allowing employees to use Facebook at work could be viewed as a security vulnerability. That may be true. Facebook is a public forum, so there’s a risk that an employee might accidentally talk about a project they’re working on or unintentionally reveal something about a customer.

To combat these kinds of human error, government needs to invest in employee education, to make sure that everyone understands how they are expected to handle agency information. Rather than enacting a blanket policy that forbids the use of Facebook, the agency could create a policy that lays out the groundwork for appropriate online etiquette. For example, employees can use social media platforms, but they cannot share any confidential data. This seems obvious, but it has to be taught and retaught on a regular basis in order to be effective.

Likewise, security can and should be the responsibility of every employee, not just the IT team. By taking a “trust but verify” stance toward security, IT administrators can broaden the circle of trusted people. Driver’s education is a good example. Anybody who wants to drive needs to pass written and practical driving tests that demonstrate an understanding of the rules of the road. In the same way, IT needs to educate employees on the consequences of poor security and teach them how to protect themselves and the data they use.

For government agencies, then, the best way to keep their mobile workforce productive and secure in the next decade is to give them the devices, applications and tools they need for success; empower IT to monitor what’s happening on those networks and devices; create a policy environment that doesn’t stifle productivity; and build a framework that supports continual security education so that those employees are empowered to get their jobs done.

Steve Fallin is a senior product manager at NetMotion.

Platforms & Programs