4 Privacy Tips for Virtual Project Management
Virtual projects and remote teams are commonplace, but so is the risk of security compromise..
With so much of our worlds workforce moving online (globally sourced teams, time zone-insensitive deadlines, etc), concerns of privacy and security are more relevant than ever. Virtual criminals today are able to infiltrate many different systems and steal valuable information, including personal identification, credit card numbers, and more.
Beyond the criminal though, even corporations are found guilty for gathering unnecessary user data and either selling it to the highest bidder or taking advantage of it in other, profitable ways. By the act of collecting data, these organizations put themselves and their customers at risk. Companies like Portabella (a team project management application) on the other hand, believe that 90% of businesses don't even need access to customer data, in order to do their business- a key mentality that has shaped their entire platform around project workflow, with security in mind.
For virtual teams, people who are collaborating exclusively through digital tools, the quest for secure channels is even more critical. Key timelines and project notes that are exposed, could lead to the down fall of an entire organization or, at the very least, a project launch. Imagine if Apple got hacked and their next revolutionary product plans were exposed- Microsoft might have a field day, but Apple could possibly be in ruins.
Today, I want to share four privacy tips, specifically in regards to virtual teams who leverage technology for collaborative work.
1. Use an encrypted project management system
I'll start with an easy tip- use a system that prioritizes security and privacy. Most project management tools are about the same- they allow you to communicate, share messages, assign roles, etc. What they don't all do, is make users feel secure about their shared dashboards. Especially with projects that involve finances or sensitive communications, one slip of sensitive data could lead to a world of hurt for the company and individual. While traditional tools include Slack and Trello have dominated the market, there are others like Portabella (mentioned earlier) that offer the exact same product experience, but with a focus on privacy. Their CEO; Alex, is very vocal on their blog about how secure their system is and how others are lacking in security practices. You can learn more about them (pricing, features, etc) here.
2. Understand the roles of your project team members
A lot of potential data compromise (specifically social engineering) comes from a mismanagement of user roles- who can (and can't) access certain files. Founding members of a team or board of directors should absolutely have visibility into many aspects of a teams project, but that part time social media consultant you hired, probably not so much. Evaluating who your team members are and what their specific roles/needs are, should help you identify what type of access that person needs. Especially if you have team members that were brought on virtually (you don't know them in real life), establishing rules and guidelines ahead of time, is a best practice. We always assume we have the right people on the bus, but virtual project management also means managing the confidentiality of certain aspects of the job.
3. Use two factor authentication when possible
A general good rule of thumb for secure internet performance, is to use a multi-factor authentication system for accessing resources. Yubikeys and authentication apps (like Google authenticator) can help prevent unauthorized access to your resources, by requiring users to verify identity with multiple devices, when signing in. This helps protect your virtual workspaces from unwanted, infrastructure access.
Multi-factor access can also be assigned at the resource level (depending on how your infrastructure is configured and which new technologies you're using) to mask important topics from undesirable visibility. If someone were to access Apples' R&D databases and see the word "grapefruit" (silly, I know) they would not understand what is being discussed. However if the subject line reads "Updated MacBook Specs [SUPER SECRET]", that would be a bit more telling and thus, more risky for the company to have exposed. In order to see the internal name of projects, team members would need to verify their identity with 2FA.
4. Have good credential habits
Don't make your password something easy like "password1". Despite your belief in reverse psychology, most data criminals use a series of algorithms to try various passwords to get into someones account. They also know that someone who is silly enough to use "password1" as a password, probably is silly enough to use the same password on all of their accounts with every other platform they've ever used. Most computers today have suggested, alphanumeric passwords that are generated for users when signing up for new services. These are great, but if you want total separation from the risk of digital compromise, a post-it note on your desktop will work wonders, just be sure not to lose it!
Some examples of simple yet effective credential habits to follow:
- Don't use your real name in either username or password.
- Don't use the same password/username on every single website.
- DO combine numbers with letters with symbols whenever possible.
- DO keep your credentials stored in a place that is at minimal risk of being compromised.
Whether you're a project manager for a massive enterprise or on a virtual project team for university, take the necessary steps to protect your and your teams information from the risk of compromise. Platforms like Portabella are simplifying the way we handle cyber security, and they even allow you to import all of your data from other project management apps like Trello, etc. Check out their site and start using for free.
Virtual security may not seem like a big deal to you now, but with an ever increasing demand for virtual work environments, cyber will become the exclusive playing field for thieves, and their potential loot is worth much more than a few dollars out of the cash register. Stay vigilant, stay prepared.
If you enjoyed this Mod, you might like to read more about how to find and recruit the best developers! Please share this Mod using the social links below. Any questions or comments? Let us know on Twitter!