7 minute read

CONSIDERING THE CORPORATE RISKS OF EMPLOYEES RETURNING TO OFFICES

By: Sam Lichtenstein Considering the Corporate Risks of Employees Returning to Offices

As the second quarter commences and most U.S. states begin to loosen restrictions as they increasingly bring COVID-19 under control, there are risks to consider as companies evaluate plans to reopen offices.

Corporate decisions will be based on a complex set of factors, including state and local laws, vaccine availability and use, input from employees, nature of work, corporate culture, industry recommendations, and competitors' actions. For firms that decide to reopen offices, health, financial, legal, reputational,

operational and security considerations should be taken into account.

The immediate priority for companies will be keeping employees healthy, although efforts to do so will raise complex tradeoffs. Firms are likely to implement a wide array of preventive health measures generally seen as uncontroversial and likely expected by employees, such as increasing the frequency and intensity of cleaning, but they face serious considerations when weighing more significant policy changes. Most notably, employers will have to decide whether to require staff to be vaccinated, while even lesser requirements — such as mandating the use of face coverings, routine COVID-19 testing, medical questionnaires and other steps — could face significant resistance from employees who see them as a violation of their legal rights or as inappropriate employer overreach. By contrast, employers also will face staff who demand these aggressive preventive health steps and will hold them to account if they do not implement them. Even if many employees fall somewhere in between, the views of those on either end of the spectrum will require companies to carefully consider how they message and implement workplace health protocols.

• Most immediately, a premature or poorly planned return to offices could catalyze an outbreak that in the near term disrupts business operations and in the long term reduces employee (and customer) confidence and trust, which will be difficult to regain. National media attention on companies' plans will magnify the negative impact of any botched returns.

• Companies face potential lawsuits and financial liabilities from employees who believe either that corporate requirements overstep legal limits — such as regarding disability, discrimination or privacy — or, conversely, that they are not upholding their obligations to provide a safe workplace. Although most legal interpretations suggest that employers can mandate that their employees be vaccinated, there are key exemptions, as well as legal and operational challenges in tracking employees' health because of privacy restrictions. Lawsuits in California and New

Mexico challenge employer mandates for vaccines approved only for emergency use, which

is the current status of all U.S. approved vaccines.

• Businesses also will face persistent reputational risks that could impact sales. As shown last year, companies seen as not prioritizing the health of their employees (or customers) face public backlash and boycotts, while those seen as infringing on individual freedoms are liable to witness similar forms of protest. As more offices reopen, inflammatory political rhetoric and media coverage of corporate policies will likely amplify these risks.

Beyond the impacts of these health-related considerations, companies will confront potential disruptions to their workplace operations and culture. These possible disturbances will be most notable in the immediate transition from homes to offices, but will pose ongoing challenges that may manifest in complex and unforeseen ways over time. Employers should remain flexible and cognizant that no corporate policy, no matter how wellintentioned, will satisfy all staff.

• Most companies eventually developed effective processes to maintain operations while staff worked from home, raising the risk that a return to offices, especially if only partial, may catalyze near-term disruptions. At least initially, many companies are likely to adopt a hybrid model in which some employees work from home and others work from offices, potentially bifurcating staff into different operational routines and engendering two sets of possibly rival cultures. Simultaneously, those employees who do return to offices may suffer at least temporary decreases in productivity as they reacclimate to the workplace.

• Businesses also will have to take into account political, economic and social grievances that emerged during, and/or were amplified by, the pandemic. Employees returning to offices may bring with them strong opinions on a host of charged topics and possibly even physical objects reflecting their beliefs.

Employers, especially those that have taken strong public stands, will have to give careful consideration to how to prepare and handle these situations lest they harm productivity and undermine culture.

• Many employers likely will face pressures to adjust office operations to address work-

life balance issues that have drawn national attention in the past year, but which may at least at first disrupt business activities and workplace culture. Employee requests for more flexible work schedules, changes to offices' physical layouts, childcare assistance, mental health support and broader wellbeing initiatives are just some of the many likely demands that could alter office operations and culture as companies reconfigure their employee assistance plans.

Employers also will have to prepare for renewed and newly emerging physical security risks. Firms may face challenges confronting these threats because of budgetary pressures, the near-exclusive focus on cybersecurity while working from home at the expense of workplace safety, and the need to strike a balance between physical protection and office productivity. While some physical security risks come from employees, others may target them, making it incumbent on companies to reevaluate their safety responsibilities and commitments.

• The risk of workplace violence will reemerge, potentially with greater salience, as offices

Firms also will have to prepare for physical security risks to their employees if disruptive and widespread protest activity reemerges this year, as it did last spring.

reopen. Broadly, the combination of pent-up frustrations and expanded opportunities to conduct attacks will raise the risk of violence across society. Recent mass shootings in Atlanta and Boulder, Colorado, illustrate that customers, not just employees, pose lethal threats. Individuals whose mental health has suffered during the pandemic may present elevated risks, especially if they also harbor personal grievances against employers or co-workers.

• Firms also will have to prepare for physical security risks to their employees if disruptive and widespread protest activity reemerges this year, as it did last spring. Unlike last year when empty offices meant that companies' physical security threats manifested mostly as vandalism and looting, a return to offices may put staff at risk of harm, especially if their employers are specific targets of demonstrations. The persistence of grievance narratives across the political spectrum suggests threats could arise from diverse actors.

• A return to offices also will likely mean the resumption, even if in significantly reduced form, of business travel for at least a small number of employees.

Companies will have to expand their travel safety procedures beyond mitigating traditional threats like local crime and scams. These steps may include pre- and post-travel health evaluations, emergency medical evacuation capabilities, training to deal with social unrest and other resources to address business travelers' heightened physical security needs.

In addition to physical security concerns, companies also face an array of cybersecurity considerations. Amid persistent cyber threats from a variety of sources — including criminals, competitors and foreign intelligence

services — businesses will have to prepare for employees who pose either unwitting or deliberate risks to corporate networks. Firms that adopt hybrid models in which some employees permanently work from home, some return to the office full-time and others rotate are likely to face particularly challenging cyber threats given the distributed workforce and potentially constant rotation among homes and offices.

• Employees who may have developed poor cybersecurity practices while working from home pose particular concerns.

Among other threats, they may reconnect infected personal devices to corporate networks, be vulnerable to business email compromise or be susceptible to a variety of online scams that take advantage of returning to offices.

• Companies will need to consider what to do with corporate devices provided to staff for working from home, as these will have confidential information but are unlikely to have been strictly secured. Firms will also need to evaluate risks from workplace devices that may have been compromised while remaining dormant and unguarded in the past year.

• Returning employees also will revive the risk of insider threats, as some may deliberately seek to access material stored on office networks they could not access from home. Wellplaced insiders financially strained by the pandemic — and especially those with workplace grievances — may face greater incentives to sell valuable corporate information to criminals, competitors or foreign intelligence services, all of which may proactively target them for recruitment. Insiders are aided by the increasing digital storage of key information and the proliferation of means to undetectably access and transmit it.

Sam Lichtenstein is a global security analyst at Stratfor who focuses on a wide range of international security issues. He holds a master's degree from the Security Studies Program at the Georgetown University School of Foreign Service and a bachelor's degree from Johns Hopkins University. Prior to joining Stratfor, he served for more than four years in the U.S. government, where he developed analytic expertise on various terrorism topics, including providing tactical and strategic assessments of terrorist groups' motivations, capabilities, plans and intentions, as well as opportunities to counter them.

This article is from: