- cross-posted to:
- shockingnews
- cross-posted to:
- shockingnews
A new survey shows that the vast majority of senior executives say would’ve approached their return-to-work push “differently.”
The data was already there. Twenty years of it. Remote work is not remotely new. They chose to ignore it because executive fee-fees are more important than facts and data.
This is a minor wave I’ve seen of “oopsies” posts about work from home.
And if history is any teacher, and considering that they spent the last few months pushing the “workers actually want to come back!” fantasy narrative, I expect in a few weeks the pieces will start being about blaming workers for the return to work pushes.
“We told our workers they could stay home forever [by quitting] if they wanted but all [the ones we didn’t just constructively dismiss] of them all but demanded that we let them return to the office.” –Some CEO, Probably
Executives are interested in preserving their buddies and their investments in large corporate rental space.
E.g. Concord-Pacific, by itself, owns something 60-80% of all of the office space in all of downtown Vancouver. Easily into the tens, if not hundreds of billions of dollars tied up in imaginary value.
Including the massive convention center and almost all of Gastown.
I doubt that executives are that clever. I’ve seen this conspiracy theory circulating atm, but it relies on so many assumptions that I consider it unlikely. It assumes that executives “help” each other out by willfully spending money for office space and all it costs, that could be saved in expenses by employees working from home. Corporations are obsessed with cost cutting, why would they willfully waste money? It also assumes that corporations help each other out. Considering the fierce competitiveness corporations are exposed to and how this extends to all fields, including office space, employees, office equipment, etc., this is nothing more than a conspiracy theory. Another assumption is that the push for a return to the office comes from ALL or mostly all executives. Is there actually data supporting this claim? Who is really doing this?
What I think is the real reason, is far simpler and requires less mental acrobatics to justify: The people, who are pushing for a return to the office, (a) have a stake in the performance of the company and (b) are not working themselves when they are supposed to be working from home. They then project their own behavior upon others, and therefore push for a return to the office to, in their mind, prevent their enployees from slacking off.
All large hedge funds and investment portfolios have a real estate component. They lose money if they do it. They think on a level of “if everyone does this what will happen”
They lose money if they do it.
Do what?
Executives are interested in preserving their buddies and their investments in large corporate rental space.
How does forcing their own workers back into their office raise or lower the value of their own real estate? If they use it, they won’t sell it, value is irrelevant then.
But lots of companies that are nothing to do with hedge fund management or also pushing people do return to the office.
“Facts don’t care about feelings”
It works the other way around too, that’s the problem.
There are no arguments for returning to the office that make sense. People who argue against remote work are historical artefacts from a bygone age.
Well to be fair I wouldn’t categorize the entire banking industry and investment capitalists who have over a trillion dollars in commercial mortgage backed real estate collateralized debt obligations invested in those office buildings as being from a bygone era.
TLDR It’s 2008 all over again. They bundled up commercial mortgages into securities that blackrock etc are heavily invested in. They are over leveraged because over the counter swaps still don’t require verified money in the bank to cover losses. If people are not forced to return they know the real estate market will implode and take Citibank Morgan Stanley etc with it
Good. Then that real estate will be up for grabs and can rebuild commercial only districts into mixed use districts. More housing for PEOPLE and more efficient use of existing space.
Security is definitely a legitimate argument for some companies. The average home network is nowhere near as secure as an enterprise network and BYOD is not nearly as secure as the systems setup and managed by your organization.
Edit: Everyone saying “use a VPN that’s how you secure your home” needs to do more research. I have a comment below explaining how just using a VPN doesn’t make you safe.
I doubt it. The home network does not need to be secure. That is why you have VPNs and other such technology.
Some networks are not accessible via vpn.
In those cases it’s justifiable to have to work in-person. I don’t think we’d want closed networks (presumably for stuff like nuclear power) exposed to the open internet.
True, but that won’t be most of the work force. There will always be exceptions for security/defense and some other areas. I suspect those areas already had a process for monitoring the comings and goings of staff and any off-site work. I also suspect the amount of off-site work was limited to begin with if it impacted security/defense.
Those networks are also not accessible from home networks, then. That is to say it’s a valid point regarding each industry and company having different constraints, but it’s not a concern over the security of home networks. If home/remote network security is ever the limiting concern, that can be mitigated by VPN.
The issue of using a work device outside of the office is if you ever connect it to your home network off of the VPN, then there is a chance the device is compromised. A malicious actor could have targeted you because they want to gain access to your company and they saw on your LinkedIn that you work remotely. So they simply use some OSINT to find your address, run a geo search on shodan and wiggle to identify your homes IP, then use that as an entry point to compromise your router and wait for your device to connect to continue the attack. This may sound complicated or a lot of work but this is actually quite simple to do and takes only 10 - 15 minutes.
It’s also about physical security, protecting access to your work laptop and protecting IP. That VPN is completely useless if someone can get into your home and access your device. It’s way easier to get into someone’s home than into a properly secured office.
That’s also why you encrypt your drives. The average enterprise figured out how to let somebody work from an airport long ago. It’s really not a huge deal.
Ever hear of a VPN? This is pretty standard “security” for most Fortune 500s. Home network can be a Starbucks WiFi, but unless you have the decryption keys you are not going to be able to intercept the traffic tunneled through a VPN.
It’s not just network security though, that was just one example I used. Another is protecting company IP. They could be working from home and a neighbor peek through the window and see what you’re working on. Also that VPN isn’t worth a damn if someone can get into your home and gain physical access to your device. Sure they could also break into an office, but offices usually have a security system with alarms, cameras, and sensors. They also usually have stronger doors and locks. Security is absolutely a valid reason to return to the office. I work in cybersecurity for the record and this is an actual reason being pushed for a return to the office.
They could be working from home and a neighbor peek through the window and see what you’re working on.
This is a joke, right? RTO won’t stop this “attack” either. Since we are looking at extreme situations, what’s to stop an attacker from using a high powered scope and peek at an executives computer? In an office environment you have plenty of targets to choose from and exfiltrate information.
Also, this is easily defeated by privacy screens. So this is a non-issue.
Also that VPN isn’t worth a damn if someone can get into your home and gain physical access to your device
You are right. Which is why multiple layers of defense is needed. VPN is just one layer, albeit a very poor “security by obscuration”
Ways to combat this is have data encrypted at rest, and in transit. Modern computers/OS have the ability to encrypt all data at rest. If computer is stolen, attacker can’t do much without the decryption keys. Also, thin clients (VDIs) can be used to further reduce chance of compromise of physical device. Data does not leave the secure data center of the firm.
Also, having applications / endpoints secured by MFA will help in reducing possible infiltration.
The only attack vector I can think of that will defeat these measures is a person held with a gun pointed to their head but this is why having multiple persons to confirm an action will help reduce the impact of one person.
but offices usually have a security system with alarms, cameras, and sensors
All easily defeated and poor security measures with the right motivation.
usually have stronger doors and locks
This is poor security as well. Perhaps even security theater. Unless the doors are bank vault level lol
None of the points you have given are valid in this digital age. A forced RTO is pointless.
If you use vdi that runs on a corporate thin client security is basically a non-issue. Data never leaves the data center and so long as you harden the thin client it should be difficult to breach it.
It’s also about physical security, protecting access to your work laptop and protecting IP. That VPN is completely useless if someone can get into your home and access your device. It’s way easier to get into someone’s home than into a properly secured office.
Right… that’s why you would use a VDI. There’s nothing local except a thin client that runs your citrix/vmware/whatever client. There’s a reason that VDI is generally used for PCI-compliant business cases but VPN is not.
Having implemented this sort of stuff for the mind if companies you probably think of when you’re thinking of enterprise… You’re making a mountain out of a molehill.
The use of a VPN to secure data in transit and the use of strong encryption on the device, endpoint protection and management features, along with good password security make it easy for any organisation not dealing with literal SECRET or TOP SECRET information to enable remote with.
Even the government has capitulated to the idea that devices themselves should be secure:
https://csrc.nist.gov/pubs/sp/800/207/final
If you can deal in government data on your laptop at a starbucks, we most certainly can work at home behind locked doors in our own offices with anything equivalent.
See my other comment. It’s also about physical security, protecting access to your work laptop and protecting IP. That VPN is completely useless if someone can get into your home and access your device. It’s way easier to get into someone’s home than into a properly secured office.
No. Even that is incorrect.
You are 4 nodes deeper in OSS intel required, (isemployee->hasaccess?->homeaddress->break in)
I also know there are only 2 people with keys to my home, the hours of operation are limited, and there are no 3rd parties with unrestricted physical access (maintenance, physical security, janitorial services.)
The only difference in person provides is a record of access, cameras and access control systems etc.
My home also has this record of access and if requested can be provided. Most folks have egress cameras nowadays too.
deleted by creator
There’s a really simple one. All the VCs and funders have been double dipping in REIT and in business real estate holdings. They sit on the boards of companies with no interest in maintaining offices, but have financial backers who veto those decisions.
The language and excuses are all a smoke screen, it’s to give them time to get out of commercial real estate without crashing the market.
Just before the pandemic the LARGEST commercial leases EVER were being signed in SFO and NYC… those same interests are just one giant ouroboros of funding and they saw their margins dwindling in their real holdings.
Blackrock is the most obvious, but there are lots of board level holdings in the same situation, they’re of course going to advise and demand that the commercial real estate be maintained… They may even be able to get a discount on next lease… just gotta be nice and keep paying those bills!
I’m okay with people returning to office. But forcing it down people’s throats when remote working has been working for the past few years is NOT okay. Fuck these out of touch companies and executives. I would rather quit than bend to their bullshit.
Forced return to office lost around 30% of our staff. Now over-work and a lack of staff replacement, because nobody wants the in-office job, mean that we are losing even more staff to stress and illness leave.
And suddenly all these contracted products and platforms, that are already being paid for (because nobody checks if staff resources are available in advance) are failing or stalling because there is no available staff or time to deploy them.
Not to mention how much time and efficiency is being lost by forcing the rest of us to operate in an office.
Sounds like time to smile, wave, jump ship!
I’m looking, but Senior Sysadmin roles are not plentiful.
Fair play :-) Hope it works out!
deleted by creator
lol out of touch executives and dumb ideas. name a better combo
How about stupid execs and spineless decisions. I know of a company forcing people back to the office so workers will quit. They need a headcount reduction to please their board member masters but don’t want to be responsible for layoffs.
DANGER, WILL ROBINSON! DANGER!
This is bad practice, says the joint report, because for hybrid workplaces, the mix of employees coming and going at different times a week makes it “impossible” for a manager to know how many employees are on site on a given day.
They’re taking the wrong lesson from this, and are going to try to force us back to 5 days a week in the office.
deleted by creator
Methinks Frank is more interested in covering his own ass than extracting the obvious conclusion from the data and statements available 🤦
His boss told him to write a positive piece about being forced back into the office by the Worker Retrieval Gangs.
He said it was weird how much they called him “Boy.”
Oh hey and look at that. It’s about to be winter which means we get to play “which office bug is going around this week?”
Or right now actually. Huge COVID surge in Japan at the moment while everyone is forced back to the office
I was hospitalised the last time I had COVID I don’t want to have that again, but far more importantly I don’t want to go into the office. But I’ll be using COVID as the excuse.
It’s almost as if they just listened to their employees rather than 3 year old data…
Execs have never listened to their employees, why would they start now.
We really need a way to make them listen. There’s gotta be some way to collectively do this…
You can tell they’re really don’t listen when they start putting up suggestion boxes.
Our company did that and when all of the suggestions were pay rise and work from home, they decided they weren’t working and took them away.
My work has been pushing RTO for awhile. Started with voluntary. Then progressed to mandatory hybrid RTO by X date. This has been pushed back because of people sending in terrible reviews during quarterly employee satisfaction surveys (me included). New date has been pushed out to next year, but I will be long gone by then.
Wen they try to force me back, and they will, I will quit.
They have just recently forced my boss to return to office 3/5 days a week. They’re coming for the workers next after admin.
Good luck filling my spot on short notice assholes
I live 800 miles away, good luck.