Best practices for ensuring a compliant work-at-home environment

The coronavirus pandemic has abruptly thrust many organizations into a work-at-home scenario, and many companies are struggling with issues regarding remote security and compliance. Enhancing or adopting compliance measures for virtual employees is an immediate necessity, and for many organizations, working from home will be a longer-term model even after the crisis ends.

Your company can ensure a compliant virtual environment with a strategic two-pronged attack: by implementing both a technical solution and a people process solution.

  1. Create a secure environment with a strong technical solution

Security controls are critical to compliance and to mitigate risks of fraud or breaches, and a technical solution requires a secure end point. The technology provided by a virtual desktop infrastructure (VDI) partner must create a data-secure environment and be adaptable and scalable. Recommendations include:

  • Enabling data encryption and two-factor authentication (2FA)
  • Hardening browser settings
  • Storing all data in the cloud rather than locally
  • Restricting hours of operation accessibility
  • Disabling Wi-Fi and requiring hardwired internet access instead
  1. Ensure compliance by enacting a solid people process solution

To set the stage for a work-at-home employee’s success, follow a formalized process from the beginning and reinforce best practices throughout all stages of the employee life cycle.

clean desk home workspaceRecruiting and hiring stages

A good job candidate will supply a potential employer with a photo or video of the proposed work area, either before or during the online interview process. This assessment will provide your company a first view of “clean desk policy” compliance as well as an opportunity to verify the space after hire. With a 360-degree view, you’ll be able to spot unsuitable factors such as screen reflections in mirrors or windows, extra devices such as personal phones or tablets, and people or pets in the background. Upon hire, the employee will sign a compliance audit form agreeing that the requirements are understood and that any required adjustments will be made upon request.

Training and governance stages

Governance in operations is key. During training, your security or compliance team should perform a 360-audit to certify whether the trainee meets all requirements and can proceed to full operations. Once the employee is officially performing the job, you must train and engage your operational teams to conduct audits at prescribed intervals, ensure that the same forms are used, and track results for follow-up and compliance with governance requirements.

In conclusion

Security and compliance are top of mind to any organization maintaining a work-from-home program. Because “just checking in from time to time” isn’t enough, a formalized approach is required. With established frequency and discipline, your organization will create a virtual environment as secure as that of any brick-and-mortar facility.

Interested in learning more about work-at-home solutions? Visit or contact our HGS Work@Home Go To Market Lead at


Author Info
Marco Colaiacovo
Marco Colaiacovo

Marco is responsible for developing and growing the HGS Work@Home program. Working with all stakeholder groups, Marco drives innovation and direction to facilitate continual improvement. Over a 20+ year career in the contact center sector, Marco has collaborated with internal and external partners to create and deliver an environment that produces world-class service. Marco works out of his home office based in Dartmouth, Nova Scotia and also serves as President of Contact Centre Association of Nova Scotia.

Campaign slider