Remote Leadership and Management Program

Previous Lesson

E. Protect Your Data in Remote Work

Remote Leadership and Management Program 3 – Achieve More Together E. Protect Your Data in Remote Work

Introduction

Keeping your business information confidential and secure is vital, but in the Philippine culture, it is often overlooked. Some of your remote contractors may have access to commercially sensitive information without realising its context or how sensitive it is. You may be vulnerable to breaches, but by implementing training and safety guidelines, you can safeguard your business.

Some security measures you implement in the workplace may not apply to your remote team.

You may need to add more precautionary measures to some processes related to accessing private data and information, such as the use of Remote Staff’s security system. However, it’s always a good idea to reinforce the importance of security for your business.

 

Your Top Priorities

Protect Your Company and Customer Information

Remote Staff guides your remote contractors not to discuss information regarding clients and their customers with their fellow workers. There is a big possibility they may work for your competitors. We strongly discourage the use of actual names, even for exchange of valuable knowledge or best practices. Both you and your remote workers must handle personally identifiable information of you or your customers with utmost confidentiality.

 

Limit Access To Critical Information

Be especially mindful of sharing access and information. Always check the sharing settings of your files and tools that you use for collaboration. Restrict access to credentials of important accounts by using password management software.

 

Train For Confidentiality and Information Sensitivity

Advise them on recognizing sensitive information and continually stress the importance of protecting access and usage of customer data and information. Simplest way to do this is to mark specific documents as confidential though this may not prevent them from sharing the file to someone else. Maximize document protection features such as password protection and requiring them to access using their company emails to track access and sharing.

 

Quick Tips

1. Maintain physical security of your devices/notes

  • Don’t leave computers, laptops, or smart devices unattended when in public places.
  • Lock computers, laptops, or smart devices whenever you  leave your  desk, and at home.
  • Collect computers, laptops, or smart devices and files at the end of their workday, if you  don’t have a separate area for work.

2. Practice Safe Online Habits

  • Beware of phishing sites and emails that aim to collect private data and information, such as credit card details.
  • Refrain from opening or clicking suspicious attachments or links both from known and unknown sources.
  • Be careful when downloading and/or installing applications or software (even if it is for work-related purposes).
  • Refrain from sharing public links, instead always share through a private email.

3. Digital Security Guidelines and Passwords

  • Log out from accounts after a workday to avoid hacking, in case computer, laptop, or smart device gets lost or stolen
  • Put a password on Zoom meetings to avoid unexpected and uninvited participants from joining a meeting.
  • Make sure computers, laptops, or smart devices are not visible and file sharing is turned off when connecting and using a home Wi-Fi.
  • Make sure computers, laptops, or smart devices used for work are password-protected.

4. Activate Account Security Features

  • Use two factor log-in processes (i.e. using your mobile device to authenticate – all major services offer this option now)
  • Secure home Wi-Fi with a strong, unique password.

Everyone is responsible to secure the confidentiality of your company’s data, and the information entrusted to them. And, it’s your responsibility to constantly remind your remote team on how to safeguard data and information that they have access to. All the above tips are useful, but we also get our remote contractors to sign a non-disclosure agreement (NDA) before it exposes them to any sensitive information. If you are concerned, you can enter into your own NDA with the remote contractor.

 

How to Handle Security Breaches

You may have taken all the right steps to keep your business safe, but breaches happen on the rare occasion. Protect your business and keep your remote contractors informed about the consequences of breaches.

Make sure your remote contractor, or your co-located staff, feel comfortable to report any security breach to you immediately without fear of reprisal. Set expectations that everyone is responsible for security.

Your remote contractor should also know what actions to take in case breaches happen. For example, if they lose a laptop then the process would be to inform you immediately so your IT team can change access codes to any sensitive data.

 

High penalty for security breaches in the Philippines

It’s unlikely that your remote contractor will intentionally breach your security. If they understand your security concerns, they are likely to abide by it.

A pig bank, handcuffs, and a mallet represent legal expense concepts.

There is a harsher penalty for security breaches in the Philippines than in Australia, and it’s an expensive and challenging legal process for the remote contractor to defend themselves.

 

How Remote Staff Handles Damages and Breaches

Remote Staff handles damaged equipment on a case-to-case basis. If natural disasters such as typhoons and floods damage equipment and the remote contractor has enough evidence to prove having no control over the situation, then we recommend you to absorb the cost and move on.

Tip

Our remote contractors sign a non-disclosure agreement (NDA) before they are exposed to any sensitive information. If you are concerned, you can draft your own NDA contract for your remote contractor.

 

 

We could have avoided two out of four of the breaches with better checking systems in place when a remote contractor deleted a very large sum of raw file codes. And, we should not have given full access to bank accounts to a terminated remote contractor who paid himself after his contract was terminated.

With over 8000 remote contractors, there have only been four disputes concerning security breaches.

Immediately report to your account manager when a security breach occurs so we can help you manage it and take corrective actions. We’re here to help you.

Avoiding and handling breaches begins with your good management. Keep your remote contractors informed about your guidelines, confidentiality agreements, and the consequences of security breaches. Most people want to keep their jobs, so protect yourself and your employers by implementing the action steps above.

 

Resources

Try It Out

Do you have a security policy? Revisit it and see what else you can add and/or modify in it, considering the addition of your remote team. If you don’t have one yet, discuss with your remote team (and IT team) the possible guidelines you can put in.

Security Risk Assessment Template

 

Previous Lesson
Back to Module