Images to show security considerations

Remote Project Management: Security Considerations

Protecting your project against known risks is one of the keys to its success. One of the elements that is different when managing a project remotely is security.

Security considerations can take two forms, namely data security and the security of your hardware. Both have novel challenges when dealing with a project that is being ran remotely.

Here, we’ll explore:

  • The actions you need to take to ensure data security
  • Systems that you can use to mitigate risk
  • How to protect your equipment and hardware

Giving you an overview of the security aspects that you need to assess for your location independent team.

Keeping your data secure

A lot of the threats to your data are the same whether your team are working in the office or at home. You need to ensure that you mitigate risks such as:

  • Hacks to your system
  • Data breaches
  • Ransomware infecting computers
  • Data wipes due to hardware failure

Along with your IT team, there are some simple steps that you can take to prevent these as best you can.

In a closed system with defined and well-managed endpoints controlling your data streams can be easy. You need to be more sophisticated with a remote team, taking steps like:

  • Managing your team’s operating systems, ideally having everyone on Windows 10, with automatic updates enabled, and Windows Defender turned on – this should be more than sufficient security
  • Enable cloud-based monitoring so your IT team can access everyone’s desktop where necessary and monitor activity for anything suspicious
  • Have all your software licenses checked to make sure they cover remote working and add new accounts where needed, this will ensure all updates can be received
  • Ensure your servers have the right protection when allowing external access to their data flows

You should also make sure that your Acceptable Use Policy is appropriate for your remote workers. When a device is being used at home there’s risk that a child might want to use it or it will be used to access Internet of Things (IoT) devices. Whether your security consultant thinks this is an acceptable risk will need to be determined.

Systems to ensure security

As well as making sure your existing software is robust and suitable for your project’s team to work from home, there are new things that you can introduce to add more layers of security to prevent hacks or data leaks.

  • You can investigate adding a 2FA system that will make sure secure actions are double authenticated
  • The team can access a Virtual Private Network (VPN) as an extra layer of defence against hackers
  • Install suitable firewalls and geo-blocking features that can cope with multiple locations logging in

You can also engage the services of a data security specialist to be sure you’ve covered all bases. Particularly if your team will be working with sensitive data, you want to be sure you’re not exposing your client and customer information unnecessarily.

Physical security

The stories of government issued laptops being left on trains or in cafes haunts people in charge of data security. You can have the most robust software in the world, but you can’t program against carelessness or the theft of a computer.

One simple way to mitigate risk when a device could get lost or stolen is to have all the data stored on a cloud system so the computer is basically a brick with login details. Sometimes this isn’t always possible, and there is also inherent value in the devices, too.

When setting up a remote team you need to make sure you have adequate insurance. If you’ve already got a policy in place, be sure to update them on any new hardware you’ve bought into the company.

It’s important to understand the terms on which devices used away from your office are covered. Ask your insurer:

  • What security does your employee need to have at home in case of a claim of theft?
  • Is unattended hardware covered, e.g. if a computer is stolen from a parked car?
  • Will they cover the device if it’s taken overseas and under what conditions?

And be sure that these details are clearly communicated to the people who you provide computers, graphic pads, tablets etc., too.

Conclusion

Looking after the software, data, and hardware on a remote project     is different to an office-based project. Security when managing a remote team still needs to be as robust and well communicated to everyone.

Prepare your software to be protected against potential hacks or malicious software and make sure everyone who has a piece of kit provided by the project is insured and knows their responsibilities.