Remote Product Development: Managing an All-Remote IT Operation

Free Wifi Sign Painted on White Wall
Patrick Wykoff

IT and Data Security Manager

Patrick Wykoff

This article is part of a multi-part series on remote digital product development. As a fully-distributed organization since 2016, DockYard’s experienced teams of project managers, designers, and engineers have learned a lot about how to seamlessly collaborate across disciplines and time zones.

I joined DockYard over a year ago to manage IT and Data Security operations for our remote workforce. Before coming aboard, my previous roles were highly dependent on doing the job no matter where you, your team, or your employees were, which is a working style highly compatible with DockYard’s distributed workforce.

While the inner workings of any organization should be supported by a reliable, thoughtful, well-documented, and secure IT operation, the 100% remote model does present different challenges for a company’s IT operation.

So, I’ve developed this “Cliff Notes: Top 10 Remote IT Considerations” list to help IT teams ensure they’re addressing the most critical areas that keep remote teams productive and online.

1. Centralize your procurement.

By owning the procurement process for your organization’s hardware and software, you may be able to leverage your vendor’s volume purchaser status to receive better pricing. Also, companies like Apple and Microsoft have programs exclusive to businesses that provide you access to support, development, and management resources that are not available to consumers. The combination of centralized procurement and purchase approval workflows maintains cleaner records, which is a time and hassle saver in an audit scenario.

2. What’s your inventory story?

First, let’s talk about applications, services, and vendors. With the distribution of teams and disciplines, it might be harder to keep tabs on all of the applications, vendors and services in use by an organization. Maintaining a good discipline and centralized documentation of things the company uses, who owns them internally, and where to go to for help is something that can be accomplished in partnership with management and the respective owners of the tools. Having a birds-eye view of what’s in use can also make it easier to identify redundancies, stray accounts, and tools that are potentially useful to other teams.

Second, inventory computers and peripherals. Using a spreadsheet or full-blown inventory management system will provide tremendous value with asset lifecycle management, warranty expirations, equipment costs, time in use, serial numbers, purchase receipts, dongles, and peripherals issued per user. The more granular, the better.

3. Addressing user changes.

The art of onboarding, offboarding, and user changes should be extremely documented and routinely discussed between IT, hiring managers, and human resources. All parties should understand what they own, and when to swing into action when a user joins, leaves, or moves within the organization. This includes what happens with their computer (shipping materials, labels, data preservation and destruction), which email groups or chat rooms they should be invited to, who will cancel/transfer calendar events and file permissions, reconciling licensing, and setting up an autoresponder.

4. Have loaners at the ready.

Equipment failure is inevitable — prepare for incidents before they occur.

  • Obtain all materials to ship the computer (box, bubble wrap, label sleeves, tape, etc.).
  • Properly clean the computer, cables and peripherals — no one likes a gooey computer.
  • Perform data destruction and provisioning according to current build specifications.
  • If your build changes, make a reminder in the process to update loaners.
  • Inventory should have enough accompanying peripherals (chargers, cables, etc.).
  • Don’t forget the return shipping label.

5. Manage the machines with machines.

Several software options are available for IT organizations to manage their fleet of computers and proactively monitor for and alert users of hard drive failures, low disk space, and limited battery charge cycles. These same tools could also provide the ability to establish a common set of security policies across all computers, such as ensuring encryption is enabled or that a particular password length is used for all computers.

Which brings us to the next point…

6. Security is serious.

Untrusted laundry-mat WiFi, no building security, consumer-grade networking equipment. This is what most of us rely on in order to get the 0s and 1s flowing. The good news is that there are small things that can make a bigger impact on your computer (and organization’s) risk of exposure without getting too complex, intrusive, or requiring an overhaul for your network design, including:

  • A VPN provider that allows centralized management and issuing of accounts (note: this only offers protection between you and the internet service provider of the VPN provider).
  • A password management tool for use across the organization greatly simplifies the headache of remembering passwords. Some applications now check and alert users if their credentials are compromised and on known lists.
  • A common set of easy to implement and sensible policies to apply to all computers, such as enabling the Firewall, requiring a password to resume using a computer after being left unattended, enabling storage encryption, and maintaining a schedule for OS and third-party application updates.
  • Use multi-factor authentication where possible.
  • If available, use centralized identity management and single sign-on / external identity support for applications and services.
  • Promote a culture that 1) over reports incidents or observations and 2) acknowledges that security is everyone’s responsibility.
  • If your budget permits, third party cybersecurity training and phishing tools are highly recommended.

7. Backups and fallbacks for core business applications is a must.

It’s important to identify where your organization stores the important stuff (e.g., CRM, email platform, code repos) and determine what data will require extra safeguards. Once you understand what needs to be kept safe from deletion, determine your backup, and retention needs. There are several reputable cloud-to-cloud backup providers that will offer protections for G Suite and Microsoft 365, but don’t just set it and forget it. Delete a test file, then raise a support ticket with the vendor and ask them to restore it. Get proof that it works.

Remote teams rely heavily on communication and collaboration tools. Plan on a fallback method if your primary communication method goes down — and test it routinely. What if your main chat application goes offline for a day? It’s happened before. Perhaps you’re already subscribed to another chat provider. Test it out and be prepared. Same goes for video conferencing and even email. While not ideal, having a secondary or tertiary method established greatly reduces confusion and friction caused by an outage.

8. Break down the work.

Living out of your inbox does not help understanding the kind of work that’s being performed by IT. Even if you’re a smaller operation, maintaining the discipline of categorizing your work will better help understand the amount of planned and unplanned work being performed by IT. It doesn’t take a complicated ticketing system to do this. Even maintaining your own task list, or using either several free online task management tools will help you organize the work and forecast time allocated for providing service, research, and performing project work.

There are methodologies out there to streamline how the work flows through your department or organization, but as an IT organization, step one is to get into the habit of recording it and categorizing as planned or unplanned.

9. Collaborate with non-IT departments.

It might sound simple, but sitting in meetings with various departments gains IT perspective and better understanding of their workflow and realities. The benefit could be mutual. If a team or group is discussing a relatable problem, there could be opportunity to share your ideas or solutions. Outside of meetings, offer multiple avenues of communication for your teams to reach you — email, phone, chat channel — and, for your own sanity, funnel those into a single location to centralize requests.

This is especially true when it comes to business/financial planning, which can yield important operational details needed for IT decision making. Depending on the role and responsibility, this could mean you are the one building and executing the budget, or providing input and having a rough idea on spend. Knowing the company’s vision and plan in advance provides leadtime to source the best deals.

10. Keep informed about the tools your company uses.

Be sure to keep an inventory of all the tools different departments are using to do their work. If they’re using a SaaS product, leverage the vendor’s feeds for status and upcoming changes. Most providers supply notifications for up, down, incident, and maintenance notifications via RSS feed, blog posts, or emails. I like to subscribe to the RSS feeds and link them to a dedicated chat channel. Emails can also be fed into a chat channel.

If a tool we use has some sort of issue, I can make an announcement as needed and link to the original alert so others can monitor progress. At a minimum, share these channels with the operational owners of the tools in your business to keep them in-the-know on alert details or upcoming product changes.

And that’s my top 10. Really, we’re just scratching the surface, and there is way more to cover, such as automation and the importance of understanding legal obligations as they pertain to IT and security.

If you manage IT aspects for your organization, I hope this was informative. Please don’t hesitate to reach out to me if there’s anything you’d like to take a deeper dive on. I’m happy to offer more details or learn about what you have going on with your remote workforce. Until then, here’s hoping for smooth sailing.

DockYard is a digital product agency offering custom software, mobile, and web application development consulting. We provide exceptional professional services in strategy, user experience, design, and full stack engineering using Ember.js, React.js, Ruby, and Elixir. With a nationwide staff, we’ve got consultants in key markets across the United States, including San Francisco, Los Angeles, Denver, Chicago, Austin, New York, and Boston.

Newsletter

Stay in the Know

Get the latest news and insights on Elixir, Phoenix, machine learning, product strategy, and more—delivered straight to your inbox.

Narwin holding a press release sheet while opening the DockYard brand kit box