Brodies have a temporary homeworking policy to download which deals with issues such as hours of work, communication, health and safety, equipment, expenses and security.
Employers should consider whether they will be responsible for the costs incurred by staff from working at home. This should be outlined clearly in your Homeworking Policy to ensure a consistent approach. If you choose to pay your staff, you may require copies of itemised bills, though HMRC will accept reimbursements up to £4 per week without the need for supporting paperwork. The charity TaxAid have produced guidance on Homeworking rules and expenses and you can find out more about homeworking expenses on GOV.UK
ACAS advises employers to ensure their insurance covers them for an employee working from home if they’re using business equipment, and also covers them against a claim by a third party. In addition employees should check there are no issues with them working from home with their home insurer, mortgage provider or landlord.
See our blog with ten top tips for remote working. There are now thousands of such guides online. Three key points to remember are:
- It will impact team members differently, and will require flexibility and understanding
- Clear, frequent communication is really important. Modern collaboration tools such as Microsoft Teams, Slack, Google Hangouts Meet or Zoom make this easier.
- You will learn as you go – so be open to reflecting on what is working and change your approach as you need to.
See also this blog from The Catalyst (a remote-first team) about how they use ‘check-ins’ to keep their team in touch and up to date.
SCVO is also offering Scottish charities a free 15-minute chat with a digital expert to help you get started with remote working. Book your call.
Ideally you will want staff using dedicated laptops administered by your organisation, but this will not be possible for many charities. Microsoft Office 365 and Google G Suite both offer document creation, editing and sharing from within the web browser, which can mean staff can work on more basic devices. Basic versions of both platforms are available free to charities.
Cyber Security – IT managers and employers
The National Cyber Security Centre has an excellent range of advice.
Think about how your staff team can easily and securely access your systems remotely. With modern cloud-based platforms like Office 365 and G Suite, this should be straightforward from any device with a web browser. For other systems you may need to set up a VPN or remote desktop.
You can reduce risks by following a ‘least privilege’ policy – that is, only grant users the access they need to key systems. This means that if one staff member on your team has their account compromised, there is less potential for data loss or damage.
Enforcing two-factor authentication on key systems will improve security as staff log on from a range of networks.
Many organisations will be relying on ‘Bring Your Own Device’ for some or all of their employees. Usual guidance is to avoid this if you can, but this might not be possible during the early stages of this crisis. If at all possible try to avoid this for staff team members working with key systems e.g. financial systems or large sets of personal data.
Cyber security – employees
You should always use a secure (password protected) WiFi access point to access your work systems – otherwise you risk exposing your data and passwords to others.
Try not to share a device, or use a separate user account to keep work information safe.
Ensure your device’s software is up-to-date, and regular malware scans are running.
Try to minimise the amount of data you save locally – for example, work in the browser in Office 365 rather than downloading files.
Be alert to phishing scams – with unfamiliar working arrangements and pressing workloads, you are much more vulnerable to being conned. And hackers are already playing on coronavirus concerns to try to dupe people. If in any doubt about an email, phone a colleague.