An Employee's Guide to Privacy & Security in a Remote Office
The recent outbreak of COVID-19 has resulted in many changes in the way we operate on a daily basis. With more significant physical distancing and quarantine measures coming into place, many of us have been transitioned to working in a remote environment or a home office. When working remotely, it is important to pay particular attention to the privacy and security implications of working away from the security of your office, particularly for those in a health-care related field. This is a short guide to help you ensure you are managing all personal and sensitive information as responsibly as possible and that you can continue to do your job successfully in these unprecedented times.
Privacy Best Practices
Protecting the privacy of individuals’ information that you manage while carrying out your responsibilities is of utmost importance and can be more challenging when working in a remote environment. Follow these best practices to ensure that you are managing sensitive information responsibly:
Phone and Video Calls
- Any phone calls or video calls should be completed in a private room where you will not be disturbed, and your conversation will not be overheard.
- For video-calls, there should be no one walking into your background and it is essential that there is no other confidential or sensitive information visible through your webcam. This means your desk should be clear and if anyone is in the house with you, communicate with them to ensure they do not interrupt you.
- Whenever possible, you want to make sure all business-related information is stored on a business device.
- If you do need to use a personal device to complete business tasks, follow the necessary security precautions outlined in the Device Security section of this guide.
- Don’t take any paper files home unless absolutely necessary to complete your job.
- Any paper files that are kept at home should be locked away when not in use.
- Use business email accounts rather than personal ones for business-related emails
- Before sending an email, double check that you are sending it to the correct recipients.
Security Best Practices
Whether you are working with a business device or a personal device, it is essential to take a proactive approach to managing security when you are away from the safety of your office. Follow these security best practices when working in a remote environment.
- Ensure all devices are password protected and lock them when not in use. This also means securing your device from family members and others who may be living with you. If you are using a shared device, you must make sure that any confidential information is blocked from their access.
- Setup a secure backup strategy to ensure that important files with sensitive information are not lost.
- Ensure that any portable storage devices (such as a USB thumb drive or an external hard drive) are encrypted and password protected.
- Encrypt any personal devices used for business-related duties.
- Use anti-virus and anti-malware software and make sure that it is kept up to date.
- Beware of phishing scams that come to your email address and never click on a link that you don’t trust.
- Make sure you are using a secure internet connection. For personal networks at home, set up a secure password to ensure that no one outside your house is using the network.
- Avoid public shared WiFi networks. If you need to use a shared WiFi network you should try to avoid sending or receiving any sensitive or confidential information, and you should use a secure VPN, personal hotspot, or some way to encrypt your web connection.
- When sending documents outside your business intranet, encrypt them and send the password separately using a different media, i.e. send the password (only) by text message.
- Lock all your doors and keep any sensitive files in a locked file cabinet.
- Never leave your devices or any sensitive files in your car unattended.
- Do not leave any sensitive information lying around your house where family members or people who live with you may be able to see it.
Published on July 27, 2020