David DeFrancis: Your IT Challenges with Off-Boarding Start with Improper On-Boarding
This is the higher power radio show before we get started. Let's take care of little housekeeping. Traditional resumes and interviews can be biased and subjective leading you to overlook high potential talent. Who didn't have the perfect resume or cookie cutter background uncover that hint potential learn more at Criteria Corp Dot Com? That's CRI CR. He DOT com most advanced recruiting techniques. Land the most desirable talent your company towards a massive success. This is the higher power radio. Show Rick Girard. The problem with off boarding is improper on boarding. The vast majority of companies still do not have any policy in place to support work from home so as the majority of companies have switched from remote work plan to implement this new system going forward companies need to understand how to make effective switch that will align their company goals with the business development strategy. I'm Rick Girardin. Welcome to the Higher Power Radio Show. Our show is designed to help entrepreneurs and hiring managers. Avoid costly hurry. Mistakes by identifying specific problem in providing improven enable your company to win the right hire. We share insights from top performing rebel entrepreneurs disruptors and industry experts like our guest today. Mr David de Francis. David is the CEO of proactive now. David started his first computer consulting business in one thousand nine hundred ninety eight and launched. It proactive in two thousand fifteen. You notice a need. For Security and process in small to medium. Sized businesses was completely under served so he started up the company to help and serve that market in a market. That it's much needed. Which is what makes David the perfect expert for today's topic. David welcome to the higher power. Radio show thanks RIK. Thanks for having me appreciate that. It's a pleasure to have you so we're going to cover a few things today. We're GONNA talk about on boarding and off boarding employees in reference to sit in policies or remote work especially in today's environment and bring your own device plan. Sounds like a plan. We got a bunch to chew today. Right yeah got quite extensive. Note all right so. Let's talk about what today's challenges are win successfully on boarding and off boarding a new person. Yeah thanks Rick. I appreciate that just like to take a moment to say. Thanks for having me on the show. Much appreciate no. I've known rick for Jesus five years now I believe we keep talking about coming together on the show and for whatever reason the last being reasons you keep blowing me off not purposely. Yeah thank you. Thank you actually. The last time we were scheduled to be on the together it was right before cove and right before Cova and it was the day before at home order happened. We're kind of scrambling. And then our ticket load went to. I think three fold because of the covert all of a sudden. Everybody wanted to work remotely. It's kind of a great segue into what we're going to be talking about the day because when we originally created these notes we're GONNA be talking about. Byod bring your own device. Work from home policy and remote access and with Kovic is a perfect opportunity to do so. Thank you absolutely all right. So what are the challenges? Today companies face number one challenge is most companies. Do not have an on boarding off boarding chocolate first and foremost. They may have an boarding checklist with hr but not with regard to it. And that's extremely important because as you know if you're headed to computer and it doesn't have anything on it. You're not sure exactly what to do. There's not an expectation. Senator what you can and cannot do with sure. I believe that there's a lot of companies that don't have policies remotely close especially start-ups it's kind of like well just connect your advice and let's see what happens especially with. Dart's we say that a lot typically because of budget constraints. They don't have a budget for it or devices in that sense so the Bring your computer on connect to g mail officer sixty five or whatever the have and get to work and do the best you can. But as companies mature you need to have these policies put in place especially from. Hr Stamp do you think he should do it before you even get started? I think you should but we see typically is not that well. Yeah so change it. Why not be that much? Further ahead of the curve. I'm a big proponent of advocating creating checklist policies before you even onboard. Your I employ all right. So let's talk about policy. What policies need to be in place? First and foremost there should be an acceptable use policy. An acceptable use policy is what's expectation of what that company owned device should be used for what applications should be accessed. What websites are inserted acceptable? And you can use this device where you can use the device. Okay with that. Include personal absolutely again. There's no right or wrong answer for this. But for instance Kenan employees access to their personal email on a company owned device can access their personal banking social media etc can access their own. Google drive you start thinking about all of those different applications. It opens up your company for a data breach rather easily. Okay so the way I see it. There's two different scenarios that come into play one. You have company owned devices which is usually a company. That's got some money. They're able to buy devices for their people and effectively keep out separated. Then the second part you have which most startups fall under that category is they will actually let you use your own device. Connect to everything and who knows what happens exactly. So what are the challenges there with? Bring your own device when you bring your own device and you connect to a network. Any data that has accessed that is company owned is now on a device that the company does not matter meaning that we don't have any policies wrapped round either that mobile device or that desktop laptop computer to protect that data in case of loss or theft. Kind of so. You're taking a chance that whatever information goes through the device. You're willing to lose absolutely yes. So we've got the policy the acceptable use for company. Quite mundane you have your being device. What else what's the other policy needs to be remote access policy? So it's a policy that defines how you can access company data when you're away from the office essentially that's what it is. I'll give you a couple of examples if you have a company owned device and you take that company owned device to a remote location and it's at your home. For instance. There should be a policy route around. Can you access it from home? Can you exit from an airport? Can you access it from a hotel? Kiosk how can you access company owned data? You asking these questions because there's not a one size fit all for this policy. So as to protect them. Nineteen to some random wireless network that somebody can hack into a absolutely. How do you protect? Do you put some sort of VPN or some other thing in place. That will protect that. You can't yeah absolutely you know. Sometimes you can do either a public. Vpn Or private VPN so all data is encrypted and goes to the corporate network. That's one way to do so. You could set it up so that you can restrict the data to be accessed from certain Ip addresses so for instance you may adopt a remote access policy that says you can access the company owned data from your home but you cannot go to an airport kiosk. You cannot connect to public Wifi and access data and you can even go one step further and say if you're not at home and you're at an airport kiosk or hotel then you have to. Then connect to a VPN. All the data is encrypted and secure. Okay perfect higher power radio show. I'm your host Richard for our podcast listeners. We're GONNA take a quick educational moment from our sponsors. Every employer wants to hire great people. But do you know what a great person looks like assessments give you a multidimensional view of the individual that you can never see from a resume alone. Not only can you make a more informed objective hiring decision but you can also uncover some hidden gems and your talent pool along the way the result higher performance term retention and a much stronger team learn more at Criteria Corp Dot Com. That's CRI T ARA. Crp DOT COM. Thanks for joining us today. Our guests is David Francis. He's the CEO of it proactive. And we're talking about creating policies and protecting your business especially through this remote work at home scenario that we're living in right now so we just talk a little bit about what we need to do or what needs to be done not talking about how to do it. Let's educate our audience. Most of our audience by the way David tend to be startup entrepreneurs. So let's help them. Put the structure in place that they need to in order for them to build their presence correctly. Absolutely what do we need to do to create a effective internal policy around remote access? Started the conversation. First and foremost having something is better than having so you want to start asking questions as far as all company data. How do you want that access? Are you going to enable your employees to access it on only corporate devices? Are you gonNA enable them to access? The personal can access it when they're at the office when the remotes are asking those kinds of questions. Which kinds of are we talking about? You have sensitive data and then you have opened in. We consider all data sensitive data sensitive. Now you can have confidential and you can have public but for the most part we just call it. A company owned data. In your opinion all company owned data should be secured. You ask the questions then why. Why don't you have the questions? You can wrap a certain amount around technology and the rest. You have to wraparound policy okay. Let's start there. Let's talk about the policy. I so now we're going to create what acceptable use policy I okay so how do we do that? The first question is is it going to be a company owned device or person device? And you probably want to kick off in two different policies ones. Byod policy on corporate devices is GonNa tie into acceptable use policy and what they can and cannot do or is expected on that policy when they are at the office and when they're remote and how they access that data in addition to that and this is going to be more. It managed is on the actual device is the data encrypted at rest meaning that is data on the hard drive. Conscripted is all communication between that device and the server whether it be an on premise server or cloud server or private cloud server is that data encrypted for some of US non techie people. Would we need to do to encrypt data? There's a number of different things you can do to encrypt the data. One of them is. If you're running windows you can use bit locker included essentially as long as you have a in for that computer and the computer is lost are not able to access that data the user account. Then you won't be able to access that data okay and just put it into the computer if you have an apple. There's also encryption there as well so that's important for both. Bring your own device and for the company on. Yes not with bring your own device. It's a little more complicated. Because typically hardware doesn't support the encryption or it's not managed by the company so the company doesn't have to remote access that device so the recommendation. We'd be then every single employee that you have. They should get their own. Company owned device absolutely yes to small cost in the grand scheme of hiring employees most do in the form of a laptop. What about when they connect their cell phones? So you usually have a mixed use policy right. Typically speaking we do have accused policy for the most part about ninety ninety five percents of our clients. They issued laptops and desktops to their employees. And then they'll give limited access to on their mobile devices. Typically speaking it's only email and with the email we can do is we can put that cell phone into what's called managed mode and then it gives us the ability to remove company data from that mobile device long as they sign a waiver that we can remove company data from their personal device if and when they were daily company at any time any time. Yeah okay so if you need to lock them out boom for whatever reason yes. So what needs to happen when this person starts? Let's talk about on boarding because we got in this conversation by the way because we were talking about how off boarding is such a problem and you as an it professional. See it all the time where you get those oche it calls. Somebody just laughed and we need to figure out how to lock them out and we need to do this that and the other thing. How many calls did you get a mock? You probably rely right. So most of our clients are managed services we have a relationship with them and when we first onboard them we put these policies in place so we typically don't have those conversations but there are some times especially with you. Know with a say for instance. Kobe nineteen happened. And there's a lot of terminations a lot of furloughing of employees. We had those conversations with our new clients because we hadn't had a chance to get in there and pretend route these policies around their environment. So you talking about checklist. You have a checklist for everything right. So you're GONNA policies and procedures checklist on boarding process and an operating process. Which is a checklist. Absolutely whether it's done in Excel spreadsheet a word document for us we actually create portals for all of our clients so that they can go in log in. And there's a checklist online for them. So they just essentially go in. There's a lot of foreign fields on radio buttons. They fell the information. It goes directly ticketing system. We have standard operating procedure documents at how to onboard an employee and then based on that on boarding everyone of these documents is specific for each client we take that document and then essentially reverse for affording so. There's talking about the on boarding checklist when these happened are typically speaking and again every bit different but typically speaking the first question we ask suicides the person's name last name email address images they prefer phone numbers etc is. We're GONNA create a Directory Service Account. This is security account whether it's through Google or through after sixty five on premise active directory. And I'M GONNA get into that but we make sure that that account is set up first and foremost and then of course we set their email account if it's G. Suite. We set up their would account officers sixty five access to their google. Drive or share point in most of our clients is what we. You're just creating a new account. It's a new company owned account so they have an existing on Microsoft account or personal Max Account. We don't use that and I've seen that like where people let them use their own private. Google count big mistake. Okay why is that a big stick because now you're commingling company data with their personal data boom boom next line of business applications whether it's quickbooks a cloud application that you use to do collaboration there's accounts and even setup and permissions applied to those accounts. So they can do their work effectively. Anything else file share. So if there's a on premise file server google drive or if it's officer sixty five share point they need to be given the appropriate permissions for those sites so they can access that data okay and this is all done on day one. This is done typically speaking before the computer we have to wrap all these policies around we have to discuss with the decision makers on what is going to look like when a new employee with a specific role comes into the organization before they're even interview you're defining the permissions and everything win. That role is written at the job description. Absolutely we want to create a security group that particular role and assigned permissions to that security group. And by the way this follows through with your interview process. This is actually a really important thing that if you've got a strong interview process and you onboard really weekly. That's not going to help you. It's certainly not going to help with retention not going to bode. Well no all right so then when somebody comes on. I assume that they signed something to say that they comply with all of the policies that you have in place. Yes at that point once. We go through the checklist getting everything that I talked about. Maybe even VPN access ore mobile device bringing on device. Or there's a mobile policy that needs to be put in place as well once or given all of these devices. They're expected to go through all the policies sign all the policies. Make sure that they're familiar with them. And then that point. They're able to log into their computer and work effectively. Okay so this is really important for entrepreneurs because a lot of entrepreneurs don't have an HR department who's taking care of this document it and you have to get in down. You have to make sure that people sign off on it. Otherwise you just run into a lot of problems when you're off poured. Yes if you don't get this done on day one and you decide to put it in effect a fifteen or thirty and they do something. That's in breach of your company policy. There's no recourse because you didn't give him the policy. You didn't give them the proper direction an expectation the beginning so you can actually set yourself up for a wet wrongful termination. If you lung go. They didn't know absolutely because if they're violating policy that they're not aware of then yes. You're absolutely setting yourself up for a wrongful termination suit. God forbid you have to get rid of him when he's happy so if you need to get rid of them in in today's mobile workforce especially with Covid nineteen going on you typically have to terminate somebody over Webex or zoom or teams or whatever may be and sometimes you have to do this. While they're using their company owned device so had he managed that that's a great question. How do you get your computer back? I didn't get computer back again. Typically speaking the value of the computers the last thing you're worried about because it's all the data that's more important so this is what we do day in and out is we make it so that we have access to that mobile device whether they're here in the office or if they're at home or even on an island somewhere in Fiji so you need some sort of manage application allow you to wipe out data. Absolutely yeah okay so you wipe the data. You're on the zoom. You let them go. You wipe the data right at that point yet. Didn't ask for the machine back whether you get the machine back or not. That is what it is really. It's not as big a concern. The most important thing is while you're doing the exit interview even if it's on a company owned device while the interview's going on be actively removing all company owned devices from their mobile device and their desktop or laptop. So you need to have a second person in their his wiping while you're talking yes and typically. It managed so hr is going to be doing determination while HR during the termination they coordinate with us typically to give it a lot of credit. So what if you're a CEO and your four-man shop and you've got to do it you're the CEO HR person and it's not a problem. What typically happens with us is the CEO or given resources. They'll reach out to us and say word terminating. This particular employee on this date. We need to coordinate afford them. So we'll do. We will set a resource aside wild. They're doing that termination. They will either send us an email or make a phone call to us and as they're doing the term we will start offering them. I have to do it myself too. I wipe first. Then let them go and then if you have to do it yourself and you don't have an it department like it Brockton. Yeah what you'd want to do is when they go into interview. Get all of the company owned data immediately possibly if you have the ability to the technical expertise disabled all the accounts right before you go into the exit interview and then take all the devices back and then change any passwords. They might have that are shared information. Yeah Okay Perfect. You want to have again. This is part of the checklist. You WanNa have before going into that meeting all right. We're getting a little close on time. Wet or two or three key takeaways. You can give the audience that can help them the complete into their business today. Well that went fast. Fight Super Pass goes by really quick And I didn't even cuss them. Are Darn it couple takeaways? First and foremost is start some policies even if they only have one or two items start three policies immediately an acceptable use policy a remote access policy and a bring your own device policy. Those are the three most important policies put in place immediately. The second is created on boarding checklist and do the same thing. Even if it's one or two items have a document that you can continue to add to as you onboard. People go through the checklist at anything that needs to be put in place. It's a living document off boarding. Make sure that you update that as well and also being sync with. Hr You want to make sure that we've been situation before. We want to mitigate this from happening is we should be or the. It department should be in sync with HR as far as when they're terminating. We should know that because we have to tell our internal team to give this person support or communicate within your organization like your executive team so they all know what's going on as well absolutely to we're out of time for today's show give thanks so much free time investments today and. I want to welcome you. The Higher Power Radio Community and the what would be the best way for members of our community reach him. As a matter of fact we actually have some of these policies as when you share those absolutely. Oh that'd be great so when you send them to us and we'll Lincoln and the show. Yeah so my email address just named David. Dav AT IT PROACTIVE DOT com. And you can send me an email just said that you requesting a template of the acceptable use policy or bring your own device policy or all of them and I'd be happy to send this over to. That would be amazing guys. Take advantage of that so i WanNa thank our listening audience for tuning this week's episode of Higher Power Quick Things to our team. Our Engineer Christopher Decker Producers Andrew Ballen and award. If you're listening to the podcast please subscribe review and share. We're listening we welcome your feedback. After all this shows for you you can join the Higher Power Radio Community at higher that's power. Pow ER radio or a DOT COM. You can drop me an email or stride search dot com tune in next week. Our guest is going to be J. Connor. He's the founder and CEO of learning ovation. I'm your host Rick Gerard and you've been listening. The higher by Radio Show Aloha. Thank you for listening to. Higher Power Radio. Lincoln live show every Tuesday at noon or download. The podcast on iheartradio. I choose youtube or your favorite podcast platform. We appreciate you joining us on higher. How RADIO WITH YOU GUIDE TO REPEAT GERARD IRAQ Iran?