Data security is getting more and more attention. What measures do you take to ensure your sensitive data is protected if the part of your software development team works remotely?
I believe it doesn't matter if your team is remote or working on-site. The important thing to understand is that if somebody on your team wants to disclose sensitive information, you can't prevent it. So the only measure you can take here is hiring trustworthy people.
From the technical perspective, the following measures can help:
- Set up VPN for your employees and restrict access to your infrastructure only from certain IP addresses.
- Ask your employees to encrypt their hard drives.
- Enable two-factor authentication for services your team uses (Github, Google, Slack and etc.)
Hi Igor. It's important you hire the right people and have contracts in place. Unfortunately, its hard to enforce a contract if you are hiring people in different countries like Eastern Europe or Asia.
However, I use Dropbox for a secure data storage solution that is reliable in-case my computer or someone on my team experiences a computer crash.
But hiring people that can prove credibility and trust upfront is a must. I would review their portfolios and ask for client references.
There are a wide range of measures to be taken depending on the specifics of the circumstance. For most early stage companies, there is no customer data yet, which means the key item to protect id your intellectual property - the thing you are developing. For most software situations, this includes proper contracts and keeping source code copies and demonstrated ability to implement and operate within your own or a redundant infrastructure. For many more details, go to http://all.net/ and http://a2e.co/