Contact Us

Poaching, Spying A Growing Concern In Coworking

Open office spaces and coworking are designed to help companies foster communication and collaboration, not only among their own employees, but also with workers from other firms.

But the intermingling also has a dark side — the risks of losing talent or intellectual property and corporate spying. And as coworking has skyrocketed in popularity over the last few years, the risks have escalated.

Working on a laptop in a coworking environment can expose companies to eavesdropping

Newmark Knight Frank Executive Vice President Sean Moynihan said his brokers ask clients when they express interest in a coworking space: Who else is in there?

“It sounds cool, but ... because of the newness of it, they're not taking it from a wider view,” Moynihan said. “That's what [clients are] finding. What seems like a good solution and once they get in, they're having a different experience.”

Some experts are raising alarm that the open, collaborative work world may be detrimental to corporate secrecy, competitiveness and intellectual property security. After all, corporate espionage is big business. Economic espionage through hacking alone cost the U.S. economy $600B a year according to a 2018 report by global security software provider McAfee.

Businesses have focused on protecting themselves from online threats as high-profile companies like Equifax and Target have fallen victim to hackers. In office common areas and coworking spaces, a worker's online presence is typically layered in security. 

It is somewhat ironic, then, that the growing threat in the new style of working is far more old-fashioned.

“People are mixing together in ways they never have before,” said Cam Mackey, the executive director of Strategic & Competitive Intelligence Professionals. “And there are very few safeguards that aren't about stuff that goes through a server. Basically conversations. That's not on companies' radar screens.”

Bridge Commercial Real Estate CEO Jeff Shaw

SCIP is a trade organization of licensed competitive intelligence professionals — essentially, people who make their living acting as corporate spies, digging up information on competitors for corporate clients. Mackey said members of his organization keep to strict ethical standards and are prohibited from workplace eavesdropping. Still, there are many of his ilk that don't hold to those standards.

“Everyone is chasing the benefits of collaboration. But there's a downside, too,” he said. “Someone is going to say something intentionally or otherwise that they really shouldn't.”

The presence of coworking operators in office buildings is already giving some companies pause over concerns of competitors in their midst. Colliers International Senior Vice President Jodi Selvey said a staffing firm client of hers, which she declined to name, required a landlord to ask any potential coworking operator that could lease space in the same building to prohibit competing staffing firms from using it.

“A lot of times it’s about stealing employees. And when you’re in a talent war right now, everyone’s trying to steal employees,” she said. “It’s one of those things that nobody’s thought about in the beginning [of coworking’s emergence] that is now rearing its ugly head.”

While up to 10% of Salt Lake City-based Bridge Investment Group’s 14M SF office portfolio is expected to be held by coworking operators and flex office space in the next two years, CEO Jeff Shaw said he is seeing a growing demand for more private office spaces with flexible lease terms due to a variety of concerns over shared workspaces, including trade secrets.

“I cannot say that that's causing the change,” he said. "But I can tell you there has been more and more interest in securing flexible office space outside of the traditional coworking environments."

Those concerns are helping fuel Breather’s business. The firm is a provider of flex office space with 500 private offices ranging from 300 SF to 20K SF across the U.S., Canada and London. Customers rent anywhere from the hour to up to four years, Breather CEO Bryan Murphy said.

“After about six months [in coworking], you realize you have no privacy, people are hearing their conversations,” Murphy said. "Everyone knows when you got visitors and who those visitors are."

Breather Space at 122 Hudson St. in New York City

It's Who You Know. Or Don't Know.

Eavesdropping is one of the biggest risks in open office environments, whether intentional or not.

“Imagine you're sitting there and going over your forecast ... and who knows who is walking past that. I think that's a real challenge for people,” Murphy said. “If you're a freelancer, you probably want no privacy because you want to mix and mingle and get around and share ideas ... But if you're a tech or financial company, that's the last thing you want.”

“It's a complicated part of our business,” Industrious CEO Jamie Hodari said. "We're sticking companies together, and you have to deal with all sorts of questions of what it means to be a good neighbor. It's like the difference of living in an apartment building than living in your own stand-alone house. You got people on the other side of the walls, above and below you, and I do think it requires a bit more sensitivity. On the flip side, this is all new."

Hodari said his company, which has grown to be one of the largest coworking providers in the country, had to navigate these issues early on since some of its clients included government and military contractors and large banks.

Industrious designed security protocols, especially for online networks, that address their concerns. Industrious also has a larger portion of private offices to offset the common work areas.

“All companies should have that now, because it is inevitable that their employees are going to find themselves in settings surrounded by people who aren't their colleagues regardless of whether they're in a shared workplace,” he said.

The issue of intellectual property security is a growing one for coworking operators, Global Workspace Association Executive Director Jamie Russo said. Right now, companies that enter into coworking agreements, especially tech startups with a recent boost of funding and major corporations, often have their own set of privacy demands that the operators adhere to.

These include standards for IP protection, the availability of private spaces for sensitive conversations and requiring employees to use screen protectors to deter wandering eyes.

But those demands are normally only able to be handled by the biggest of the coworking players, Russo said.

“Roughly 80% of the coworking market is made up of independent operators that have fewer than five locations,” Russo wrote in an email. "I suspect that most of these operators do not address these topics in contracts unless a corporate occupier sends the agreement to their legal team and marks it up with their own compliance language."

Stratfor Chief Security Officer Fred Burton

Spies Next Door

Foreign governments also have a huge appetite to target technology startups in America, especially those that are working on systems that could eventually be co-opted by branches of the U.S. government, Stratfor Chief Security Officer Fred Burton said. Stratfor is an Austin, Texas-based private geopolitical analysis firm.

He said countries like Russia and China deploy spies to work with or around startups in places like Silicon Valley and Austin to get an edge on the future pipeline of tech, either copying those systems or designing resistance measures to them.

The way they pry into targets may have little to do with hacking into networks or other cutting-edge tech eavesdropping methods. Spies have been known to moonlight as office cleaners, roaming around a floor after hours and using iPhones to take pictures of workstations and documents, Burton said.

“If I wanted to figure out why or what you're working on, I'd simply get an intern or employee [placed] inside your newsroom to overhear, listen inside your meetings … and ask you what you're working on and most of the time you'll tell me,” Burton said. “I don't have to hack into your system. I just have to have someone work next to you who knows what you're doing. It is just that simple sometimes. It is basic agent 101.”

Rogue employees also pose another big risk, especially for startups. Often, many of these companies are lax in conducting background checks of potential employees in an effort to hire quickly, Burton said. That can leave them open to having a spy planted into their midst and secretly record work conversations and meetings.

“Of course folks would like to think that people don't do that,” he said. "But I've been around the intelligence community for a long time, and this is what people do."