Jobsity’s Top 5 Tips for Secure Remote Work

In our 8-year history as a fully-remote company, Jobsity has always made security a top priority. Since our business model is to enable South American developers, coders, and tech workers to work as full-time employees for North American companies, secure remote work has long been an essential part of what we offer our clients. It’s a non-negotiable, something we need to ensure 100% of our clients can rely on 100% of the time when they work with us. Across 9 countries, 150 teammates, and with an ever-expanding list of clients, it’s more important every passing day.

In the past, we’ve written about making an informed cost-based analysis of remote work versus in-office work, and we’ve helped teams explore their needs in order to make an informed workflow decision on whether or not to bring remote workers onto their existing teams’ we’ve also offered our tips for working with Zoom, Slack, Asana, and more. But when it comes to making choices to keep your remote team secure, here are our top 5 tips for managing a safe remote work experience:

A VPN, or “Virtual Private Network,” is a system that allows workers to send and receive data across a closed remote network as if their computers were connected to the same in-person network. In other words, it allows your virtual team to connect as if they were connected to the same in-office network. For remote teams, your VPN should be encrypted, and password-protected, so your team will not only be able to share access to certain licensed programs, which can aid in collaboration and group work but will also be able to rely on this level of security to ensure data sharing will be closed to outside access. It’s the first, basic level of security and is a non-negotiable for remote work.

This may seem like a no-brainer, or it may seem unnecessary since your devices will likely be strewn no further than your bedroom floor or coffee table (or in your well-partitioned remote office!), but an unlocked device is easier to enter through the cloud, through a data breach, or inadvertently by a curious child (during this time of family-work blurring!). Even an especially gregarious cat can make for an awkwardly sent work email, or security breach if you leave your laptop open and unlocked near their territory. Best to be prepared and keep all your devices locked and/or closed when they aren’t in active use.

3. Change passwords (often)

It both goes without saying and bears repeating: passwords are necessary. And not Welcome1, 123ABC, or the default passwords your router or other devices had when they were first installed. Passwords are our first-line security, and if you don’t change them often (and especially change the defaults) you are inviting intrusion into your private and professional digital spaces. Yes, we know it’s annoying; yes, we know it means you’ll be locked out on your phone and have to go through a round-robin rigamarole to get everything back to easy-access. But that’s the point: you don’t want access to be easy. Consider setting up an automatically required calendar for passwords renewal for yourself and for your team. If it’s a periodic annoyance, then you're doing it right.

When you work on an encrypted VPN set up by a central IT workforce, your files and digital workspace will remain secure; and when security is compromised, IT will be alerted. However, if you mix in, say, your personal Google account with your work files, you will compromise this system and risk making your personal files insecure, or creating compromised work information based on what you might inadvertently share. The best course of action is to use only your work accounts on your work device, and your personal accounts on your personal device, and not to mix the two. This will ensure your work system’s security is as absolute as possible, and your personal systems remain personal. Even when you share photos of your cat.

Zero Trust is the newest thinking in cyber and remote work security. It is a set of paradigms that ensure that no user, no access and no digital identity is granted access to a system or network based on simple unquestioned identifiers like network ID or physical location. With zero trust, all users and all devices will need to pass authentication as discrete functions (2-step verification, FaceID, etc) before any and every enterprise resource session is established. It is, simply put, a way of thinking about security in absolute terms: no one enters anything until they are both verified. Such thinking ensures that security is the priority, over ease of use, speed, or functionality of access. For remote employees, it may slow some work down in the short run, but in the long run, it ensures that the work can go on—securely.

With the COVID-19 virus wreaking havoc on the economy and our usual work practices, these are bound to be trying times; let’s ensure we secure our digital lives as best we can so we can focus on securing our personal and mental health instead! If you have any questions or have your own remote work security tips you’d like to add, don’t hesitate to get in touch.

Stay tuned for the next article of the series!

--

If you want to stay up to date with all the new content we publish on our blog, share your email and hit the subscribe button.

Also, feel free to browse through the other sections of the blog where you can find many other amazing articles on: Programming, IT, Outsourcing, and even Management.