As the majority of companies are forced to press the pause button, there is still much that can be done. We rarely have time to reflect on our hectic lives and businesses. During this time of reflection, we can plan with a purpose for the restart. No one knows what the new normal will be, but being prepared for anything will be critical to success. We should be reminded of the power and impact that construction has on the world around us and its critical part in our infrastructure and economy. Our panel discussed Safety, Project Controls, and Cybersecurity in the COVID-19 era as we continue to plan for the restart ahead.
eSUB believes that we take on a different role when it comes to the construction industry. We’re here to lean in and become a resource to empower the trades. In the recent webinar, Transitioning to the New Normal: Safety, Security, Documentation, Jeff Sample, Rob McKinney, and Nick Espinosa discussed the state of construction, safety, cybersecurity, project controls, and to answer questions that viewers had. Rob McKinney, aka, the ConApp Guru, business development at ICT Tracker, spent 14 years as the safety director. We were also accompanied by Nick Espinosa, is the Chief Security Fanatic at Security Fanatics. Nick is an expert in cybersecurity and network infrastructure. He has written for Forbes, consults with clients from small businesses up to the fortune 100 level. He is also a spokesperson with the COVID-19 cyber threat coalition in an attempt to protect hospitals from a threat against hospitals globally.
Three major challenges that construction businesses face:
- Finding skilled labor
- Project management and completion on-time and on schedule
- Getting paid and making payments
Effects of COVID-19
Unfortunately, COVID-19 has impacted these three most critically. For example, it impacted the ability to find and hire skilled labor, keep workers safe and prevent them from getting sick, progress on projects, and manage the stay-at-home actions, social distancing, requirements, etc. Additionally, COVID-19 impacted our schedules and our ability to get paid because of the economic pause. However, not all of the impacts are negative; this is OUR time to pause and reflect and plan. As Jeff, our IT Ironman said: “Silver linings to this big dark cloud.” We can come back stronger from this than ever before.
1. Develop a written program/plan for COVID-19
Utilize shift work where applicable. Our industry is built on the ability to handle crises. We can go to three shifts a day and seven days a week, and even on weekends. Construction workers are used to working different types of hours and in different settings. There is a long history of doing work in situations of power outages, turn jobs, roadwork. PMs can protect workers by spreading them out if everyone agrees that working three shifts a day is a good idea.
2. Health monitoring stations (pre and post-shift)
Implement a pre/post-shift temperature checks throughout the day. There is a different dynamic to think; who is the person going out to check on the team’s status?
3. Site sanitation plan (after each shift) – Before? During? After?
How do you clean job sites?
What are the right chemicals/solutions?
Which chemicals and solvents to NOT mix on a job site?
4. Tool plan (no sharing policy)
Commonly, before the pandemic, the sharing of tools is just the way of the industry. Now, we have to pause and think: does your team share tools? Do we sanitize company tools? A lot of people bring their own tools to work. Do we sanitize personal tools?
5. Spread out during meal times
Traditionally at job sites, people like to sit together, talk, and eat together. It is tough to social distance of 6 feet with crew sizes of 8-20 employees. Currently, for open sites, we see a lot of things done with tents, the bottom floor of parking decks, and lining up/spacing out with two chairs at a table.
However, this is a struggle for a lot of safety professionals because it is a social norm that is hard to change. Commonly, workers spread out during work, but once it’s break time or food, everybody gathers. Since many locations throughout the country are still under full lockdown, we think about safety programs and how we’re going to get back on our feet.
6. Commuting in the era of COVID-19
If possible, Drive alone if you can to avoid the risk of exposure. If not, wear a face mask when inside the car, bus, in public transportation. Ride with the windows open for fresh air. Some states are requiring that you wear a mask and cover your face for protection and prevention of the spread of disease. Also, wash hands before you enter any vehicle and wipe down the car after any ride (dash, steering wheel, armrest, handles, knobs, seat)
COVID-19 Jobsite Quality Control and Quality Assurance:
Companies were shut down before they were anticipating it. Right now, as things are starting to open up, your job site might start opening up, or shutdowns might happen in the near future. Nonetheless, no one is operating under normal conditions.
Photos and 360 photos of installed work allow PMs to see how close workers are together. Videos of installed work and 3D model Updates check the status of the BIM model in realtime to know what kind of work has been installed. Finally, QC Tech to Consider like AI trains computers to do specific tasks. Now job sites can use AI to determine if workers are too close together. In terms of legality, governing HR is looking for legal fall out for businesses that are failing to supply proper gear. You must supply your workforce with masks, gloves, protective equipment because it is legal liability for the contractor.
There is a successful hacker attack every 39 seconds on the globe (2019 FBI), and because of COVID-19, the rate is higher. 3.8 million records are stolen every single day. It ranges from small to mid-size businesses because they don’t have the funds or the cyber defense strategy that larger organizations have. By 2020 there will be 200 billion connected devices on the planet, 10% of which will always be compromised. 95% of all data breaches came from three categories: government, retail, and technology providers.
Common Cyber threats you might not be aware of
These threats are universal, not must corporate, business, or even at home. Public wifi can easily get you hacked because you think it’s yours to use without consequences. IoT devices like drones are a disaster for your security because they are easy to weaponize on the internet, and have the largest bandwidth attacks.
Social media platforms are a breeding ground for phishing attacks of all kinds. Also, messaging apps are not as secure as you think. The app’s provider records and monitors the information on your device. Data mining is also a typical cyber threat because of its amount of advertising. Apps like Whatsapp encrypts the data as it moves from point A to point B. Make sure the app is not from a company that makes its money from data mining (sell to advertisers). Remember: if it’s free to you, you’re the product
Poor Passwords are getting people and corporations hacked daily. Don’t make the password: password. Five thousand websites are registered a day (some are legitimate; a lot of them are malicious.
What can you do right now to improve security:
Use free security apps and options
Android/iPhone can encrypt itself automatically with a good password. Other apps based on security (2-factor security/authentication) you have a backup password so no one can log into yours (encrypted into your phone).
Companies have corporate messaging apps that have security signals that you can pay for, but the free editions are also secure (well known in cybersecurity industry)
Inventory all equipment that has access to your network even in remote working environments. Crews on job sites need asset management of all phones, tablets, computers, laptops, IoT devices so things you can keep track of equipment.
Review and improve all passwords and security policies
Nick recommends passwords be 11-14 characters or more. Mandate security policies, Do users need 24-hour access to log in? Restrict their login from 9-5; this lowers the amount of surface area for an attack because other areas around the world can attack when we’re usually asleep.
Your business needs a cybersecurity assessment
Many people depend on a third-party IT system. Frequently you get a 5-15 page report that gives you a data assessment, not cybersecurity. Cybersecurity assessments check for anomalies, asset management, management, business planning, improvement planning, contingency planning, and data security. In comparison to a vehicle, cybersecurity is the locks, breaks, and shield that ensures the engine keeps moving.
Education of all users
The biggest threats in cybersecurity are our employees, family, our users. If you don’t train properly, your users are not going to respond to phishing emails properly. Especially, employees will not understand that BEC (Business Email Compromise) is one of the largest problems, and corporations have lost billions of dollars annually because somebody spoofs the CFO or financial advisor. Tell employees not to use the free wifi, set up policies, run phishing training tests.
A digital Workspace: Remote Tools
The challenges in the office and the field: office communication, documentation, scheduling, and realtime information:
We’re used to meeting Face to face, Meetings, and Email. However, email is a form of documentation, not communication. Messaging platforms are for communication.
Documentation is critical for project management basics
Documents work everywhere, and they tell the story of the job, who touched which equipment, who was working with who. You need to document the extra things that you’re being asked to do. Typical forms of documentation include photos, videos, and notes
Prepare and match up Supply chains. The biggest insult to injury is to go back to job sites that don’t have supplies. You don’t want to burn more hours, stay resourceful with equipment, safety, and security.
Augmented reality like ICT, documentation allows you to work in place quickly. Digital BIM, is resourceful to get realtime data for everyone in offices and job-sites. There’s a lot to worry about a worker’s daily tasks: between getting your temperature taken, signing in and out, knowing what works getting done, where crews are, getting information, getting your dailies, getting people paid. Storing realtime information in the cloud is a necessity for everyone to stay on the same page.
In times like this, mindset changes are important. We need to come out of this with a more agile methodology to what we do, what we’re going to do today, what did we do yesterday, etc. This works for people on job sites and for people at home. Perform daily check-ins with your workers to see how they’re doing. And understand, this is new for everyone; you need to understand people are going through stressful times with the transition. Safety, security, and documentation are necessary to get you back on your feet and on the job site.
Although nothing compares to in-person meetings, video conferencing is the best thing right now. However, you need to be aware of some issues. In the last few weeks, Zoom is actively working on fixing their bugs to make sure people can’t break into meetings. There are recommendations not to use zoom for sensitive meetings because there is a discrepancy with encryptions.
Now is not the time for panic; now is the time for action, whether that be just in your digital tools but maybe with your policies and training. Check out the resources page to get help get you back to the new “normal.” On this page, you can get access to our free software, COVID-19 Toolkit, communication plans, etc.