REPORT

Read Forrester’s People Analytics Landscape Report –  Download now →

Home / Blog / Hybrid work: Determining employee work location in a privacy-centric way

Hybrid Work: Determining Employee Work Location in a Privacy-Centric Way

Learn how ActivTrak has developed the only accurate model for location predictions that preserves employee privacy, unlike prevailing reverse-IP methods today.

Omri Goldshtrom

By Omri Goldshtrom

people working together around a picnic table

Where did everyone go?

The pandemic accelerated many work trends that were already underway. Gartner and Gallup estimate that of the 100 million knowledge workers in the US, three-quarters are expected to work in fully remote or hybrid remote-office environments indefinitely, with only a quarter returning to the office full-time. A similar pattern is true for the nearly 1 billion knowledge workers globally. This creates vast opportunities for organizations to re-evaluate their needs for office space and to extend much-needed flexibility to employees balancing life-work demands. However, it is also a concern for many employers trying to balance flexibility with accountability. Many headlines report that remote workers are more productive than their water-cooler-chatting office counterparts. But where’s the data to prove it? And how much of that is relevant to my industry? And which types of workers benefit from remote-work policies? The only way to understand whether remote/hybrid policies benefit your organization is to deploy workforce productivity analytics software like ActivTrak and segment remote from in-office employee days. But determining location is hard. Read on to learn how ActivTrak has developed the only accurate model for location predictions that preserves employee privacy, unlike prevailing reverse-IP methods today.

Digital footprints

In the internet age, every device is assigned a unique physical ID – their MAC address – and a unique network ID – their IP address. Your web browser emits this IP, or Internet Protocol, address freely to every site you visit. Go ahead and type “what’s my IP address” in your favorite search engine if you don’t believe us. An IP address is not a location, though. The IP alone won’t tell you whether a device is in Utah or Uganda, or whether it is connected to a corporate network or personal hotspot. To make the leap from IP address to location, a cottage industry has emerged tracking the attributes of IP address ranges and offering “reverse geo-IP lookups.” However, those locations are typically approximations. Moreover, this approach identifies an employee’s physical location, breaching their privacy and trust, potentially placing them at risk and exposing the employer to legal liability. ActivTrak does not and will not use physical addresses in location predictions.

Why don’t you tell me where you are?

An alternative approach is to label your IP addresses with a non-controversial label like “Office” and treat every other IP as “Remote.” This approach works for smaller organizations with static IP ranges and limited changes to their network topology. Of course, this adds an extra onboarding step – you must pull in your Network IT folks before you can use any location-based features, not to mention every time there are office and network changes. However, it solves the nasty problem of exposing your employees’ physical locations. The problem with IP-only labeling is that IP addresses have a major limitation: your final IP address is often from a proxy server, not your device!

The call is coming from inside the house

Two very common examples of unreliable IP addresses are:
  1. Workers connecting to the office network via a Virtual Private Network (VPN)
  2. Workers connecting to another device or terminal server using remote desktop software
In both scenarios, the IP address associated with your online activity is not from your computer and network but rather from the VPN you are tunneling into or the remote server you are accessing – which are likely both in your office. Hence, these activities will fall within your office IP range and receive the label you gave them – i.e. “Office” – even though you are sitting comfortably at home. The only way to reliably determine your network location, therefore, is to observe your local network!

An agent is on its way

Agent-based software, like ActivTrak, is the only way to measure what’s happening on the client device rather than how it appears on the receiving server. What kind of signals would we want to observe to determine location? The goal is to understand whether a worker is on the office network or a personal one. Hence, we want to observe features of the local network, such as:
  • WiFi networks in range (SSID)
  • WiFi network connected to (SSID)
  • MAC address of connected router (BSSID)
  • Whether the Remote Desktop Protocol is in use (RDP)
  • and others
Together, these untangle the complex scenarios that arise in the modern workplace, like:
  • Local and public networks don’t match because users tunnel into internal networks via VPN
  • Activity appears to come from a data center because users connect to a terminal server from home
  • WiFi networks are rationalized across offices or 5Ghz bands are introduced
  • Routers are upgraded
  • and on and on…

What happened to privacy?

ActivTrak has pioneered the concept of “Insight not Oversight” and has been lauded for never logging keystrokes, webcams, video recordings, personal devices, and more. With location, it’s no different. ActivTrak one-way hashes your network signals so that we never see your clever WiFi name or router ID. IP addresses are public and are reported back to our application; however, the signals from your local network are completely scrambled before we use them in our location models. Further, no ActivTrak employees will ever have access to the originals.

How do you make sense out of nonsense?

The key is to understand how we define an “Office” location. An “Office” is simply where a critical mass of workers (users in the same ActivTrak instance) congregate to work. It could cover:
  • All your physical offices
  • A customer office where your Sales team is working to close a big deal
  • A co-working space you’re leasing to test new work arrangements
  • A hotel or conference venue where you’re hosting an all-hands or partner conference
  • and on and on…
If people are working somewhere, that work is part of their job expectation, and they are in a facility designed for the purpose, well… they are working at their office for that day! Since we are just looking for groups of co-workers on the same network, we don’t need to know the specific values of their network details, so long as those details are unique and consistent for anyone on the same network – which is guaranteed by the hashing function. We use an approach to clustering through which we build a graph that connects different users based on the strength and quantity of the various network signals we collect. If there is enough similarity across the network signatures and related meta-data, we can identify users sharing an office. “Remote” classification is much simpler: if no one else is sharing that user’s network signature, we classify them as working remotely.

What about Charlie who’s alone in the office on Tuesdays?

Since we’re looking for employee clusters, it’s reasonable to ask what happens on days when too few people are in the office at a time – a problem that, admittedly, affects smaller organizations primarily. To address the conundrum of accidentally labeling your office as “Remote,” we’ve implemented location history. If a critical mass of workers congregates at a location one day, we will retain that information and label the corresponding network signature an “Office” going forward, even if fewer than the threshold are working there. On the other hand, if a number of coworkers congregate at your favorite coffee shop one day and log into their assigned computers, we’d identify that coffee shop as an “Office” for that day. However, we wouldn’t want to classify you as an “Office” worker the rest of the month when you are working and sipping lattes alone. Hence, location history can also be forgotten. This approach balances key location use cases:
  • Auto-discovery of offices, especially those where IP addresses are unknown or change
  • Remembering offices, even when they are sparsely populated on some days
  • Forgetting temporary offices to limit false positives
This approach is also fast, since we only match users against office clusters with strong signals.

But what if I know my IP ranges?

ActivTrak doesn’t ignore IP addresses; we just recognize their predictive limitations. However, if you know your offices’ IP ranges and want to program them in to guarantee we never miss Charlie alone on Tuesdays, we accept labels for “Office” and “VPN.” Hold on… I thought VPN IP addresses were proxies that cannot be trusted. That’s correct! By labeling an IP range as “VPN,” you are training our model to de-value the IP address in the prediction and focus on the other components of the network signature. That way, we can better predict whether you connected to the VPN from home or the office – or started from home, shut your laptop lid, drove to the office, and then resumed work, all from the same VPN IP! IP labels can be provided in a default mode or exclusive mode. In the former, you authorize us to continue identifying additional office locations, while in the latter, only activities occurring in your specified IP ranges may be labeled “Office.” In both cases, VPNs and remote sessions fall back to our predictive model, since those IP addresses are inherently unreliable.

The most accurate and most private location predictions

There’s no doubt that by accessing network signals from the router co-located with you, ActivTrak is able to provide the most accurate location model. But the benefits go much further:
  1. Support common remote work patterns, like VPN tunneling and remote desktops
  2. No reverse-IP lookups of physical locations → avoid privacy and liability risks
  3. No upfront configuration necessary → automatic office discovery
  4. Expanded “Office” definition to include legitimate co-working spaces
  5. Available overrides to guide location predictions
Don’t cut corners on employee privacy. Get ActivTrak.

Share this article

Getting started is easy. Be up and running in minutes.