How to Protect Your Confidential Information When Outsourcing
One of the most common questions we’re asked in discovery calls is how do we protect our client’s confidential information.
Is this something you’ve thought about? Just how committed are external contractors to protecting your confidential property and how can you be sure your IP is safe?
In this article we’ll show you our own process (giving away our own confidential information!) complete with a checklist so no matter who you work with in the future, you can be sure your confidential information remains just that … confidential.
On a related subject, here are 7 ways to keep yourself secure online.
As a team we’re committed to the security of internal and external IP for devices and cloud-based information. We’re also insured so if the worse happens and one of our clients does have a breach of data, they are covered. Our contractors each sign a comprehensive contract before they start working with us, covering clients for confidentiality of their IP and where asked by clients we have DAS’s in place.
What legal safeguards does your contractor have in place for you?
What a minefield! Hackers, spammers, trojans, viruses … cyber security is something every business needs to be aware of. No matter how big or small you are.
To show you the extent of our own commitment to security, here’s a glimpse into what we do behind the scenes to maintain client confidentiality. Devices, logins and access to cloud … it’s all protected.
Does your VA (or your own business!) have a cyber security process in place and followed by all?
To secure all internal logins, we use a password manager to keep all passwords and usernames stored and accessible, but still protected. Password managers add an extra layer of safety that is further boosted by two-factor authentication and backup security emails, which we enable. Since browsers can easily be exposed to security breaches, we don’t save any logins in our browsers, and we conduct audits of our systems regularly. However, we value adaptability, so if a client already uses a separate vault to manage their logins, we’ll create an account with that same system to make coordination easier for the client.
Some of the more popular password vaults are:
As a team, we all have antivirus protection on any computer or laptop used for client work. On top of that, we ensure that all software, operating systems and app are updated. Because our devices need to work efficiently to protect your IP (not to mention to do our job!), we do simple things to maintain their health like shutting down at the end of the day rather than putting them to sleep and check suspicious links with tools like Google Safe Browsing before clicking. Finally, come worst-case scenario, our team knows exactly how to erase all data on any device should it be lost or stolen.
What would happen if your virtual assistant’s phone was lost or stolen. How would you be protected?
We prioritise accountability and transparency, so our contractors commit to following our security process by signing it during onboarding, then when they’re accepted as a permanent contractor and again annually. We file these in Google Drive for safekeeping, and as proof that our team accepts responsibility for performing the steps laid out in our procedure.
What checks do you have in place to ensure what is promised is carried out?
A monthly checklist you can use to manage your confidential information:
Perform the Security Dashboard Audit in LastPass
Log out of all devices
Change your LastPass (or similar) master password
Change passwords for apps or software you use most often (using LastPass to suggest password)
Ensure find my phone/device is turned on (if applicable)
Ensure you have logins for your (as applicable) iCloud, Google, Microsoft, LastPass and/or other critical logins stored somewhere other than your devices in case of emergency.
Your virtual assistant wants to help keep you safe, and you should feel comfortable handing over confidential information to them. You need to so they can do their job! Never feel like you can’t questions about their steps to keeping your confidential information secure. Being clear about your expectations saves a lot of grief should the worse ever happen down the road.