Remote and Hybrid Work: Insider Strategies from Verizon (CXOTalk #796)

Remote and Hybrid Work: Insider Strategies from Verizon (CXOTalk #796)

Show Video

Remote and hybrid work are here to stay,  but working from home creates a variety of   challenges from a technology standpoint for  HR, for compliance. We're speaking with Mark   Custodio, the director of enterprise sales at  Verizon, about these challenges and solutions.  I get to meet with the largest global  companies in the world at their locations,   doing tours of their facilities, and really  getting a deep-rooted understanding in terms   of how their business operates. Mark, as you're speaking with   your customers (talking about remote  work and hybrid work), what are they   telling you? What's going on today in this world? Hybrid is here to stay. That's the first thing.  It seems like the IT, HR professionals, they did  herculean work to get folks to get home when the   pandemic struck, and I think it probably  accelerated many, many years' worth of,   "Hey, we're talking about doing work from home,  we're talking about these hybrid environments,"   to "All right. Now we have to. How do we do it?" They were able to do this patchwork to get them to   work. I think they think it's working okay in some  instances, but they have a little bit of concerns  

around employee experience, around security risks  that they don't really know where to go yet.  What are the shifts or the changes  that you see these folks going   through in their organizations right now? I think the first major shift is in the   employee mindset. Before – and it's almost  hard to remember, but – it wasn't too long   ago where we had to be at work on time, at  office, in the desk. Now, I think the latest   statistic is 58% of employees would actually  seek a different job if they weren't able to   work from home at least some of the time. Now it's really put a lot of control in  

the employees' hands saying, "Look. I  have choices out there. I want the best   possible experience. I want a work-life  balance. I also want all the tools that I   need in order to be effective at my job at home." And so, it's putting the companies in a position   where, "Okay, we want to embrace this. How do we  give the best experience to attract and retain our   top talent but also ensure that we're meeting our  productivity goals, our financial goals," because   there might be an added cost in doing this,  "and, of course, securing everything end-to-end?"  Now the office is their home, and  that's essentially a branch location   for these enterprises. And so, now that they've  established a work culture policy (essentially,  

enabling folks to work in their home environment  or at a Starbucks or at an airport or wherever   they might be), they're trying to figure out,  "Okay, what's the right toolset to give?"  Broadly speaking, what are some of the  challenge that organizations face as they   make this transition from being exclusively  in the office to remote and hybrid work?  You mentioned me being in front of  customers a lot, so I can hear firsthand   some of the challenges that they're saying. I was with a large insurance company recently, and   they had many work-from-home employees. They're  utilizing their own home Internet connection,   which (you could imagine) there are dozens  and dozens of different providers. And they've   been experiencing lots of issues with their VPN  (just staying connected) and lots of VPN drops.  It's been really hard for them to  troubleshoot this because, essentially,   they can look into their own system but they can't  really look into the home user's network because   that's their own home Internet. They don't have  access at an enterprise level to the provider  

that's giving them that home Internet. Even if they call that provider,   they're not treated as an enterprise. They  would be calling on behalf of a consumer,   and they don't have the rights to do so. And so,  for them to be able to troubleshoot at scale, you   can imagine how exponential that problem becomes. What customers are saying is, "How do I get  

one standard that not just delivers that good  employee experience but reduces the IT burden,   because when I get dozens and dozens of calls  that could have dozens of different root problems   across dozens of vendors, it's just not scalable,  and I don't have the resources to support that?"  Enterprise IT departments are in this position  of needing to manage their own network but,   at the same time, manage the multifaceted,  diverse networks that are out there among   their entire employee base. You got it, Michael. You   think about the risk that that entails. In your average home, there are probably tons of   IoT devices and smart devices and things that are  listening and snooping. Whether malicious or not,   my guess is they don't have all of the  up-to-date security parameters that a   business or an enterprise would want  or would accept on their own network.  The biggest recommendation that I can give  is start the conversation of now saying,   "Those home offices are an extension of your  business." If you were going to allow somebody   to work at a different location, you have to treat  that with the same fervor or the same rigor that   you would do for your own brand location, your own  brick and mortar because, essentially, that user   has the access to the same amount of information  they would have within your four walls, so you   have to protect that information in the same way. The zero-trust framework is becoming more and more  

prevalent in conversations. But you really  need that visibility end-to-end to be able   to manage those connections end-to-end. Enterprises are saying, "Okay. If I own   everything end-to-end, and I have visibility  end-to-end, it's going to help me across   several different vectors." All of those  calls to various different providers, well,   now that anomaly is gone. I don't have dozens  of standards. I have one standard. In addition,   when there's an issue, I have remote access,  remote control, remote capability to actually   diagnosis and troubleshoot that challenge." By controlling that connection, you   create a simpler environment that's easier  to administer and, at the same time,   from a security standpoint, everything is  standardized, and so you know what's going on. 

That's exactly correct. I think that's  really what the IT professionals want.  HR is really burdened with this challenge as well.  We've seen several states start to do legislation.   I think there are about 11 states that have  legislation. Some are more specific than others.  If you think about an organization that spreads  across multiple states, they tend to go toward   whatever the strictest standards are. So, if in  California they're requiring you to reimburse   for certain tools that you need to work from  home, that often includes Internet connectivity. 

Very similarly to how corporations really have,  en masse, migrated around bring your own device,   they started to do that trend many years ago,  but it was very difficult to manage. It started   to be very expensive. They were starting to be  asked to give stipends and things like that.  They've really all brought back and said, "You  know we're going to provide a corporate phone."   HR professionals are saying, "You know  what? We can view this as a benefit.   We can view this as a way to meet our  standards across. We can view this as a   way to improve employee experience," because you  and I are communicating virtually right now. And  

if we don't have a solid connection,  the relationship just doesn't work.  Giving them that solid connection  makes them better at their job,   makes them more effective. And so, there's value  across a lot of different workstreams here.  We're seeing some early adopters in call  center space. You think about how call   centers are not en masse in these giant  buildings anymore. There are many at home.  Often, they don't have the most reliable Internet  connection, as there's been that move to rural   where you don't necessarily have fiber and some  of those high-speed connections. And then all  

those other challenges, so they provide a kit.  A kit could include an Internet connection,   some security applications, a VoIP phone and,  essentially, day one, they're onboarded. They   have everything they need to be successful. What are the considerations around   choosing these kinds of tools? A few things that folks need to   consider. One, it needs to be easy to operate  and easy to deploy because, essentially,   you don't have somebody in every home doing a  robust setup, installation, troubleshooting. 

Many corporations (including right outside this  door), at our office, we have a help desk. If   you're having a challenge with your technology,  you make an appointment, walk up to the help desk,   and we'll troubleshoot that for you. Well, at  home, it's not quite so easy, so I think you   should look for something that's plug-and-play. Second, something that you can remotely manage so,   if there is an issue, you can  diagnose and see what that is.  Third, I think you need to look  for something that's scalable.  What about from a security perspective? Security means different things to different   folks but, ultimately, you need to be able to  protect the data that's on there. You need to  

be able to protect your end users. And I think  you need to make it a little bit foolproof.  We just released our data breach investigation  report, and what are we finding? Well,   security breaches are on the rise yet again.  So, despite many efforts, it's happening more.  Many of these breaches are organized, and many  of them are for financial motives. And so,  

we know that the motives are there to  get the information, and often the breach   happens with the employee. Right? That ends  up being the firewall that's at most risk.  The other thing, though, is you need to balance  that with employee experience. You need to put   solutions in place that enable the employee to do  their job without having so many restrictions that   it's draconian and they can't access the sites  and the information they need to be successful. 

We can guide through all of that,  and that's really what it is. It's   a consulting journey where we look at the  outcomes that the customer wants to achieve,   we help them diagnosis what products, services,  consulting enables them to achieve that outcome,   and then we deliver a package that's  really seamless to that end user.  You mentioned the HR benefits earlier. Can  you be a little more explicit in linking  

this kind of connectivity and control  that is obviously so beneficial to IT   to the value, the benefit, the employee  experience and, therefore, the HR benefits?  I'm reminded about a visit I did at  a large physical security company.   We were walking their facilities, and they  had shown literally stacks and stacks and   stacks of expenses, paperwork, and timesheets. They were very antiquated in some of the ways that   they did things where they were faxing information  in from each of their security locations,   whether that be an expense for a phone, whether  that be an expense for Internet connectivity,   whether that be their actual timesheet. It was  all manual in nature for folks to process this.  One, at an enterprise level, when you're providing  these tools and resources, you can remove all   of that necessity for, one, the employee to do  expenses. And, by the way, Michael, I have yet  

to meet an employee that wakes up in the morning  and is excited to do their expense reports and,   by the way, sometimes get them kicked back,  audited, and all the things that come with that.  You remove that. Now you're giving them  a benefit that's really easy to manage.  I think, two, you're compliant. Essentially,  you're providing those tools and resources,   so it's not just compliancy from the IT and  security that we talked about but compliancy   for the regulation that's in place today and,  potentially, future regulation as that starts   to mature as hybrid and work-from-home becomes  more and more the standard, not the exception. 

Then finally, you need to think of ways  to differentiate yourself. You imagine   you're coming into a brand new job, and you  might be coming into a brand new company.  Day one, how easy is it (when you're not  at a physical office, you're at your home)   to connect into the training that you need? How do  you feel if, when you connect into that training,   it's choppy, it's not reliable, you can't get the  VPN to stay, you're not able to get that clear   communication to learn the information you want? I think what you're probably going to find is if   we're not adequately equipping those home users,  we're going to see churn tick up very rapidly,   employee churn. Why do I have this  prediction? Well, it's pretty simple.  If my onboarding experience in  those first few weeks is poor,   even if I'm an existing employee but now I'm  working hybrid or home, and my work experience   is not as good or better as it was when I was in  the office, and I now have less physical tie to   a brand or a company because I'm not building  relationships within those four walls. Plus,  

maybe I have a little bit of extra time to have on  my other monitor LinkedIn, Indeed, job searches,   and to search for those jobs. It makes it really easy for me to find something   else. And so, we need to be thinking differently  about how we attract and retain talent,   how we develop our folks, that face-to-face  interaction that's now likely a virtual   face-to-face interaction. Those experiences need  to ride on a different type of infrastructure.  I'll also add, I know that 5G is going to bring  experiences that weren't possible in the past by a   virtual connection, things that were only possible  in face-to-face. Augmented reality and virtual   reality, different ways of training, different  types of employees are now being more prevalent   so that need for a more robust connection with  really low latency (so it's a good experience for   everybody) is becoming more and more important. Mark, tell us about the cybersecurity   implications. When you don't own  

the connection at home, you don't know what else  is riding on that network, what might be causing   risk. But at home, I think most enterprises  have no idea what's riding on that network.  You want to know where the data is going.  Would it interest the organization if they   found that data from that connection was going to  another country, another nation-state, a part of   the world where they don't do business today? Would it interest them to know if there were   incoming attacks? Would it be interesting  for them to know if certain websites were   being accessed? I think this would be  interesting to know but, more so, you   can then create policy, framework, and automation. When you own the connection, you can encrypt that   end-to-end. When you own the connection, you can  add on analytics that help you search and seek out   what's going on. And when you own the connection,  you can quickly put in a framework that restricts  

access, allows access, put in a framework that  quarantines, that does all the things you would   expect in an enterprise environment. Mark, what about the privacy and the   compliance implications or benefits  from using this type of connectivity?  That needs to be at the forefront of everything  we do because employees aren't going to be   happy if we're invading their privacy.  Having a dedicated Internet connection   means you don't have that risk at all. The connectivity that you have for your   business product, your business solutions (your  laptops, your phones, your tablets, whatever   connectivity they're using, their VoIP phones)  that's segmented off from their home Internet.   And so, now you don't have to worry what  they're doing on their network. They don't   have to worry about how they're monitoring  their network. It's under the same policy and  

framework, so that makes it really easy. But if you flip that and you say, "Okay,   well, if I want to add these types of security  solutions and I don't own the Internet connection,   well, then what risk does that put me in, in  terms of what data I'm collecting on my employees?   What risk does that put me in, in terms of how  their perception may be of how I'm monitoring?"  If they're doing something malicious or  wrong or have a security breach on their   phone that's their personal, I don't want to put  my information at risk or vice versa. By the way,   employees think the same. "Hey, I want to be  able to access information, but I don't want   you seeing what I do on my personal device." Let's segregate that. Let's make sure there's   a fence. And we don't have to worry about  personal information and work information. We   have dedicated lanes. I'll tell you; once  you do that, it's so empowering for the  

company because it can enable a better experience. An example might be let's build a private network,   so maybe you don't need that VPN anymore. Maybe  the moment you authenticate that device to your   Internet connection, it just immediately connects. These are things that we can do. Maybe we do   a private network with a VPN and add a  completely different layer of security. 

Maybe we say, "You know what? We're going to  prioritize certain bits of data or applications   (just like we would do in an office location)  because we own the Internet. We're going to put   a little bit of priority on that VoIP phone,  so you get the best experience on your voice,   and any other applications like YouTube  and things like that are more best effort."  These are things that you can start to  think about when you own the connection   and you have the applications, the  hardware that's wrapped around it.  Given the importance of employee training around  issues such as phishing, what resources can you   recommend for folks that are listening,  to learn more and to help their employees?  On our website we have a great Internet  portal, the Verizon Business Internet. It  

gives great information at a high level as to  some of the recommendations we have for this.  In addition, and this is really the most important  thing that you need to do, let's start with a   conversation. I heard Danny Johnson, who is head  of one of our product marketing divisions, he made   a great analogy that the most important investment  that you can make (if you're listening to this as   a business leader, as an IT professional, as an  HR professional) is the investment of your time   because, at the end of the day, there's unlimited  upside to what that conversation can bring,   and there's very little risk, there's very little  downside. You're just investing in a conversation.  Let's have a conversation. Meet with your  professional. We have folks that are assigned  

to almost every business that's out there. We'll have a conversation. We'll understand   what your goals are because that training may not  be one-size-fits-all. There are different levels   of maturity and outcomes that the customers are  looking for. We can design a solution for that.  Now, for companies that are a little bit more  advanced or are looking for more, something   holistically, we have world-class business  consulting services. We're on retainer for some   of the largest companies in the world where we do  specific trainings (red table events, for example)   where we simulate some very sophisticated attacks. We utilize this information because the data   breach investigation report (I think, this  year), it's maybe something like 15,000 or   17,000 data breaches that we investigated, that  we ingested, and then gave analytics on. So,  

we see what happens across networks around the  globe, we see how these things are manifested,   and then we know how to prevent and, if it  does happen, how to respond very quickly.  We're able to consult and do the training  at any level and increase that adoption,   and so we encourage you to work with us. We really  are experts when it comes to this – the network,   the security, the applications that  are all within there – and we'll   help you get the outcomes you're looking for. Mark, clearly the solution demands both technology   infrastructure as well as employee training. I would completely agree. The technology  

infrastructure should at some point become so  easy that the employee training could just be a   simple card that they receive that says, "Plug  in and play." That's literally the extent.   "If something doesn't work, contact here." It makes it very easy for that employee to see   the experience. But I think awareness as well as  training is very, very important. You need to be   aware that, at least from a security standpoint,  these risks exist, and there are things that we   can all do in our personal and professional  lives to ensure we're living the most secure   and reducing the risk as much as possible. Awareness is really important. I think   businesses need to continue to do that,  double down on awareness campaigns,   let them know what's going on – if there's  a breach that occurs – let that happen.  By the way, all of that information is  publicly available for free. We have a  

mobile breach report, a data investigation  report. Folks can use that information to   help train and make aware their employees. Then second to that is let's ensure that not   that they're aware, how do you respond?  What do you do when something occurs?  By the way, what's the investment  that we're making in you to make it   easy so that doesn't happen? Again, that creates employee   loyalty because the employee recognizes the  investment that the organization is making   in their well-being and in their skills. No doubt. When you think about that importance of  

data (protecting the employees' data, protecting  the company's data) if you look – if it's a global   organization, you think about some of the GDPR  requirements that are on there – the image, brand,   and financial implications that could happen  if we're not adequately protecting that data,   this is not an if; it's really a must.  We must do these things not just from   a governmental policy standpoint, but from  what we do in terms of the right things for   our employees and our customers, et cetera. I know when I'm negotiating a large agreement   with our customers, this is a question they  ask us. Now, I'm very proud of our record   and the things that we do, and so we can  talk about those things. Customers are very   satisfied with the steps that we put in. And then, in that conversation, says,  

"Well, here's how we can help you do the  same," and I encourage any organization,   as they're contracting with a company, to do  that. I think it's table stakes to make sure   that you're partnering with somebody that preaches  what they practice and practice what they preach.  Mark, let's talk about implementation.  You speak with so many Verizon customers,   very large organizations, organizations of every  size. What are some of the best practices that you   see for implementing remote work? Process is really important.   What you want to do is enable some of  this technology to work before it arrives,   and you can accomplish that a few different ways. One, some companies either do it internally or  

they outsource staging and  kitting where, essentially,   the device is set up to the industry or the  company's standards before it's shipped out to   that end user. That process of "when the end user  receives it, it just works," that needs to happen.  Now, in addition, there's some automation you  can do with that. For example, we see that   with smartphones where we can actually enable  what's called a supervised mode on that device.  We ship out that smartphone or tablet to  the end user. The moment they turn it on,   it authenticates with the network. It says, "Hey,  this is corporate-owned. Here are the policies   that need to be on here," and it just works. You can also do that with a router device. 

Now, depending on what those requirements are,  some companies also say, "You know what? We're   going to put some custom information in there." I mentioned that card that kind of explains   plug-in and play. Let's go ahead and  include those instructions. Then if   something doesn't work, here's how you contact. That process is the number one best practice   I see. Another part of that process that I  see that's really, really important is doing  

qualification in terms of what the experience  might be from a coverage standpoint at that home.  Although we cover 99% of the U.S. population, I'm  certainly not going to sit here and say in every   building, in every nook and cranny, at every  location are we going to have great coverage.  

But what we do have are some geospatial  analytics and a wealth of information   that can give a pretty good indicator  as to whether there's coverage there.  If it's an enterprise office location, we  typically come in, we do a site survey,   we do readings, we might install an external  antenna. We do things to ensure the best possible   experience. But when it's a home user, you need to  use as much intelligence beforehand as possible.  Now, the good thing is, again,  this can be automated and easy.   We get the addresses from the end users. We  then spit out a range that says this will   be a good experience, a great experience, a poor  experience. Then the company can make a decision;  

is this the right solution for that home  user, or do we need to augment with a booster,   or maybe this isn't something that we can  install at all? Upfront doing the work to   have a process in place will ensure success  when the end users receive it on the back end.  I say, "Look. Start small. Let's do a  pilot together. Pick 100, 200 users,   and let's get their feedback." We are finding  very, very high success, but we're also learning,  

"Hey, with this application, here are the  settings that we need to do. Here's what's   going on with the VPN. Hey, here are the policies  that we need to do," so when you go to scale,   it ends up being the best possible experience. Mark, as we finish up, where is hybrid,  

remote work going, and what are  the technology advancements that   we're going to see in the near future? It's here, and I think it's going to   be here for the long haul. I don't  see us ripping back that Band-Aid.  I do see us doing more purposeful experiences  in our corporate offices to kind of draw   people in and build that engagement. I was listening to one customer that said,   "You know what? We're not going to have as  much real estate, but what we're going to   do are events. So, maybe every quarter, we do  a really big event. We take some of the money  

that we saved on that real estate. They're  now working from home. But we do things that   are really purposeful to bring people together." I think this hybrid mindset (while still having   some brand identity, some culture identity) is  going to be there. The majority of the time,  

though, folks are going to be working from their  houses, and so how will the technology advance?  Well, right now, you and I have a great  connection. It's true high definition. I   can see in great fidelity. I can see the facial  expressions that you have. It doesn't look grainy.   That's accomplished by you and I having really  strong Internet connections and a great platform. 

By and large, much of the technology that  folks are utilizing today to video conference   isn't even full HD today. And so, I think  there are opportunities we're going to see   as connections become more robust, as 5G and  fiber become more prevalent across the country.   It enables us to really uptick the quality. Then on top of that, you're going to see more   augmented reality where we see ways of connecting  and engaging with folks differently. That doesn't  

just require bandwidth; that requires latency. Because our eyes have excellent latency,   we're able to pick up things really quickly and  smoothly. On a video screen that's attached to   your head, that requires an even greater grade  of that. I think, as more and more folks are  

working from home, having those applications  pushed closer to them (so there's that great   experience is important), that's where things like  mobile edge compute come in, having applications   like that augmented reality application  closer to the tower, closer to the cell site,   closer to the network, so that experience  and that response time is really seamless.  I think the applications are really broad.  What most excites me... I think about this   all the time. When we launched 4G, when Verizon  said, "Hey, we're going to have a nationwide 4G  

network," at the time, that gave us 5 to  12 megabits per second, which may not seem   like a lot now but was groundbreaking at the  time. Most folks were between 600 kilobits per   second and maybe a meg, a meg and a half.  So, going to 5 to 12 was groundbreaking.  Well, what did that do for us? If you think about  some of the businesses that were transformed,   the easiest example might be Uber and Lyft. They  ended up creating applications that rode over the   top of our 4G network that completely disrupted  the way that we travel and the taxi industry.  You couldn't do things like that before because  you didn't have a robust enough or reliable enough   connection. We built a network that enabled  that to work ubiquitously wherever you are,  

and that's just one of thousands of  new businesses that were created.  I'm most excited about the new businesses that  are going to be created, the new disruptions   that are going to be created. The developer  community, once they have these capabilities   (that 5G really starts to usher in) are going  to be unleashed just like they were with 4G,   and we're going to see experience that  you and I can't even fathom today that   are just going to change the way that we  work, play, and engage with each other.  It's exciting to imagine what's coming  next. Mark Custodio of Verizon, thank you   so much for taking time to speak with us today. Thank you so much, Michael. It was a pleasure.  

I'm so excited to talk about the future of  work and can't wait to talk to you again.

2023-07-28 07:01

Show Video

Other news