How to secure client data when you work remotely

Feb 18, 2020

Securing your client's data is one of the most important things you can do as a freelancer. If you don’t, you can put your client at risk of a data breach, a malware infection or worse. This can cause them huge financial losses and damage your reputation as a freelancer. But even though security practices are important, very few freelancers know what to do.

Here are some of the best ways to ensure your client’s data security:

Develop a Strict Cybersecurity Policy

The most important step in securing client data is making sure that both you and your client fully understand that data security and privacy are a priority. Although the benefits of data security and privacy may be obvious to you, many clients will be completely unaware and see no importance in them at all.

Both you and your client may assume that if you’re not working with things like customer payment data or core system files, data security isn’t something to worry about. But neither of you can afford to take that risk, especially if you’re working remotely.

The single best thing you can do is develop a strict cybersecurity policy that has to be agreed upon and understood by both parties and fully implemented. This may require a lot of back and forth between you and your client.

The policy should outline the exact reasons for having strict cybersecurity protocols. It should detail the potential threats as well as outline how each protocol should be implemented and upheld, both by yourself and the client. The exact tools you’ll use, such as VPNs or proxy servers, should be stated here.

Both you and the client should take complete ownership of keeping data secure. By having a detailed cybersecurity policy, you will all be on the same page and set a solid foundation for working together. However, if your client has security loopholes on their side, such as a poorly secured network or a web host or web domain with unreliable hosting, there are multiple angles for an attacker to go after with that you can’t prevent. For this reason, the cybersecurity policy has to be put into effect on both sides, not just yours.

Secure Every Internet Connection

Working remotely is a minefield when it comes to data security. By far the easiest way to expose your client to a data breach is to work over an unsecured Wi-Fi network. Every freelancer, at some point, will get out of the house and work from a coffee shop, beach bar, or even an airport. This can be due to wanting to socialize with others, but can also be a necessity of the freelancer lifestyle, especially if you’re a digital nomad.

This kind of worklife doesn’t need to change, but security has to be taken into account. The simplest solution is to use a VPN to secure your activity. When you use a VPN before signing into an unsecured network, you encrypt your web traffic, allowing you to access client data with a heightened level of security. As unsecured public networks can be easily accessed by bad agents, accessing them without encrypting your activity could allow others to access just about any client information they want, such as login information or customer payment processing information.

That said, not all VPNs are themselves secure. Make sure you find a VPN that has a solid track record and a strong reputation.

Create Strong Passwords and Change Them Often

Your passwords and your client's passwords are more important than you probably realize. It’s not uncommon to hear jokes about password security, with many people boasting they use the same password on every account, or that password includes their birthday or other easy-to-guess information.

Unfortunately, having a simple password on every account is the equivalent of leaving a hacker an open door. And in an age where many businesses exist almost entirely online in the cloud, one open door can give a hacker access to everything at once.

Employing password managers and checking to see if your passwords are strong is a great step in helping to keep client data secure. Make sure any accounts you use for clients have strong passwords and ensure that you have reminders set to change them every few months. Password managers such as 1Password can be helpful here. They can randomly generate passwords and store all your passwords in a secure location that only you can access.

This is even more essential if you’re accessing client accounts that manage their most important data. You may be running e-commerce websites that handle customer information, which would be a goldmine for any nefarious hackers. In order to not slip up on crucial accounts like this, it’s best to take a password security-first approach so you never let yourself (or your client) down.

Use Two-Factor Authentication

If a strong password can help to secure your client's data from an attacker, two-factor authentication is like putting Superman in front of it. Unlike a password manager or a VPN, two-factor authentication doesn’t require you to change login information every few months.

Two-factor authentication is one of the most fundamental ways to secure your computer, requiring a second set of login information that is typically provided to another device (such as a numerical code sent to a mobile phone). This means that even if a bad agent has access to your password, they still won’t be able to access your client's data.

If you are more serious about security, you could use multi-factor authentication, such as retina, fingerprint, or facial scanners, like the ones seen on many mobile phones. This level of authentication is even more secure.

This is a post from a member of the Freelancers Union community. If you’re interested in sharing your expertise, your story, or some advice you think will help a fellow freelancer out, feel free to send us your blog post.

Samuel Bocetta

Sam Bocetta is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyberwarfare, cyberdefense, and cryptography.