Microsoft: New 365 subscription makes it easier for frontline workers to use data securely and effectively

The F5 subscription plan for Microsoft 365 handles security and compliance for devices used by the workers who create, sell or service what organisations produce.

frontline-worker-gi.jpg

Frontline workers need information, too.

Image: Getty Images

Unless employees at all levels have some stake in the outcome of changes designed to deliver digital transformation, it's likely to fail. Ignoring frontline staff and their managers has been a common blind spot for organisations trying to improve performance and productivity. In a 2017 McKinsey survey, for example, only 3% of organisations who didn't make the effort to make line managers and frontline employees part of the transformation saw any improvements, compared to over a quarter when they were involved and engaged. By 2019, 90% of executives in a Harvard Business Review study had realised that 'digitally connected firstline workers' would be a competitive differentiator in their industry by 2021.

Digital tools should be useful to the people who create, sell or service whatever it is that your organisation produces. Cabin crew, cashiers, construction teams, customer service representatives, delivery drivers, garment workers, healthcare providers, field service engineers, manufacturing staff, retail employees, warehouse workers -- 80% of the global workforce comprises people on the ground delivering products, services and customer experiences. It's their decisions and actions that implement your organisation's strategy -- or not.

Low-code tools like Power Apps are as useful to frontline workers like airport security staff, who want custom apps that help them do their job, as they are to office workers. But they also need the basics: email, messaging and documents. This is where Microsoft's F5 Security and Compliance offer for Frontline Workers comes in.

SEE: Analytics: Turning big data science into business strategy (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)

Pandemic pressure 

Recent events have only underlined the need for this, points out Irina Nechaeva, senior director of product marketing in Microsoft's identity and access management division. "The last year was just revelational for all of us about how critical the frontline workers are; they just became the heroes of every single industry, every single geography. But until recently, these essential workers were essentially excluded from the benefits of digital transformation."

If the ERP system doesn't help factory or maintenance workers find the parts they need, or know when to schedule work, production will be inefficient. If the things people want to buy are in the storeroom, it's no use if sales assistants don't know they're there and don't have a way to get them onto the shelves. Much of the point of enterprise social networks is to enable more people to share feedback and access information and expertise. But that should be more of an early warning system for executives than a way to plaster over the cracks in a broken system.

The pandemic turned these inefficiencies into more serious problems. Shift workers must often go to the work site, or at least an office, to look at a noticeboard to discover whether they have a shift. That doesn't work for social distancing or when you can only travel for essential business.

Regulated industries like healthcare had to make hard choices, senior product marketing manager Stephanie Lio points out. "As health systems were really strained, many systems had to compromise somewhat on the level of privacy and the usual way of working in order to literally save lives. One hospital system in Brazil was so completely overwhelmed that workers were sharing whatever patient information they could, such as bloodwork results over apps they had on their personal device like WhatsApp. That's not the ideal mode of work, but they also just didn't have tools in place with the built-in security and compliance that would keep that sort of patient information safe."

SEE: Checklist: Securing Windows 10 systems (TechRepublic Premium)

The tension between security and productivity is a familiar one; Microsoft CISO Bret Arsenault talks about the need for 'digital empathy' -- understanding that employees work around security and compliance because they need to get their job done, and making sure they don't need to work around them to be productive.

"We don't want to villainize frontline workers for using shadow IT," Lio emphasises. "They're really trying to just get things done. But it means it's inexcusable not to have a secure way for them to participate in digital transformation, and we see Microsoft F5 as an add-on as being a way to bridge that gap."

"Using secure messaging in Teams instead of WhatsApp, you could be transmitting sensitive information with annotations and notifications, so that the right people are seeing it at the right time, but with a level of privacy and within a realm where if an ediscovery search needed to be pulled across all the logs, this would be captured. If someone's transmitting this through WhatsApp or just their own messenger systems, that would be much more challenging."

Medical staff may deal with the most personal information, but retail, manufacturing and field staff also handle PII like customer addresses. "With the urgency of digital transformation happening, there needs to be end-to-end protection, not just for [office] employees with an E5 but for the people at the edges of their organisation who are processing all of this data," says Lio.

The identity team at Microsoft worked with Teams to make sure they covered the scenarios for frontline workers like customer sign-in and delegated user management (which helps someone like a retail manager bring on new employees). "With F5, as well as the capabilities that are built in, we're making sure that the long tail of applications that are specific to the industry, or even sometimes custom built -- that specific hospital system that has one quirky little app -- are also still safe," Lio adds.

microsoft-365-f5.jpg

Image: Microsoft

Costs and compliance 

Instead of thinking just about how much it costs to equip frontline workers with mobile devices and business applications, think about what staff can do with that -- they might be more efficient, they might make you more money and you might attract and retain staff, reducing hiring and training costs in an area of business that usually has high turnover. According to the Good Business Lab, "if you teach communication skills to machine operators, they become 20% more productive".

Security and governance worries over giving frontline employees devices are also common, especially in regulated industries, Lio says. "Security and compliance are the first step the CIO and security officer need to feel confident about before they can really move forward."

Devices for frontline workers need to be managed differently because they're used differently, and that may be unfamiliar, Lio explains. Instead of someone sitting down using a laptop assigned just to them, where IT has full control over the device, frontline workers might share a tablet with other shift workers, or pass it on to another team on a different shift. They might use their own personal device, or be assigned a device to use when they start work and check it back in for other staff when they clock out.

"Given all of those devices where they may be accessing sensitive customer data or patient data, as well as company resources, our customers have been saying that it's even more important to keep all of that activity secure, so that they don't have to return to the world of sticky notes and whiteboards for shift scheduling."

Frontline workers already have that information because they need it to do their jobs, and most organisations realise that the best approach is to manage and secure devices. But there's also some hesitation that Lio recognises from previous digital transitions.

"The level of comfort depends on both how regulated that industry already is and how sensitive they already perceive that data to be. It reminds me a lot of early conversations around digital transformation and cloud. There was discomfort with that process to begin with, and we're almost seeing a second wave."

SEE: The future of work: Tools and strategies for the digital workplace (free PDF) (TechRepublic)

Microsoft 365 F5 essentially gives organisations the same security and compliance features as Microsoft 365 E5, but at a lower price because there are so many more employees who will need licences. (Frontline workers don't create as many emails and documents as office workers or spend as much time on devices, so the load on Microsoft's system will presumably also be lower). 

F5 is an add-on to the existing F1 and F3 SKUs, and organisations can pay $8 per user per month for security (Microsoft Defender for Office, Microsoft Cloud App Security [MCAS], Defender for Endpoint, Azure Defender and Azure AD Premium P2), $8 per user per month for compliance (Office 365 Data Loss Prevention, Exchange Archiving, Microsoft 365 Information Protection & Governance, Insider Risk Management and eDiscovery & Audit), or $13 per user per month for both.

The F5 offering fills a licensing gap for Microsoft and a need that many customers only noticed after buying an F1 or F3 subscription, Directions on Microsoft research analyst Wes Miller explained to TechRepublic.

"Most customers looked at the F suites as a value entry, as they should. They frequently just think of firstline and frontline workers as needing productivity and not the security and compliance features. But that's not usually how the technology rules, or the needs for IT, work. Firstline workers are typically without a dedicated device of their own or share a dedicated device with colleagues. So it's easy to miss scenarios where you need the same security and compliance tools for those workers as for your knowledge workers."

When they realised that and started using the same E5 features to manage security and compliance for firstline workers as for their colleagues in the office, they didn't have the right licence to do that, but they usually didn't know it.

"This became a frequent 'a-ha' moment for customers during our licensing boot camps," Miller said. There had been a temporary 'promotional offer' to cover those customers; now there's an official subscription plan, which should prompt more organisations to extend security compliance to their entire workforce -- and get frontline workers the digital tools they need.

Also see

By Mary Branscombe

Mary Branscombe is a freelance tech journalist. Mary has been a technology writer for nearly two decades, covering everything from early versions of Windows and Office to the first smartphones, the arrival of the web and most things inbetween.