DLP

11 Tools to Help You Stay Secure and Productive While Working Remotely

  • 23 March 2020

With the outbreak of COVID-19, organizations are relying on tools and software to enable their employees to work remotely. While this transition from office-to-home may be relatively seamless for some, it can be quite a challenge for those who didn’t already have these virtual systems set-up and deployed.

As a tech start-up, Tessian has had remote-working processes and security policies in place since the beginning and, as a part of that, we have a long list of fully vetted productivity tools and software that we’ve made available to our employees. 

So, to help IT, security, operations, and HR teams around the world balance productivity and security, while also attempting to conduct “business as usual”, we’re sharing applications we use to ensure our people are always protected while working, whether that’s from the office or from home.

“We scrutinize and vet all applications to ensure they comply with our own strict data and privacy protection criteria.”

What should you consider before onboarding an application?

There are a lot of collaboration and productivity tools out there. But, it’s crucial organizations only use those that have the highest standards and protocols around safeguarding data. 

At Tessian, we scrutinize and vet all applications to ensure they comply with our own strict data and privacy protection criteria.

While the below assessment isn’t exhaustive or applicable to all tools, software, or applications that might be useful while employees are working remotely, it should help you identify products that are sound from an information security and data protection perspective. 

  1. Does the application process personal data? If so, why and in what volume?
  2. Where is the data processed? 
  3. Does the application take back-ups of data? If so, how often?
  4. Who has access to the data in the platform?
  5. Is access conditional upon Multi-Factor Authentication (2FA, for example)? 
  6. Does the application have a policy in place that addresses Incident Response to patching and other security issues?
  7. Does the application protect data in transit between services using encryption? 
  8. Does the application protect internal data in transit? If so, how?
  9. Is the application certified with any regional or international data security standards?

Not sure where to find all of this information? You should be able to find vendor’s privacy and data policies on their website. You can also contact them directly. For example, we always ask that a vendor assessment form be completed and, when solutions process a large amount of data, we’ll schedule a follow-up call.

“Top tip: To ensure your employees are enabled to sign-in to all of these different apps securely and quickly, we also recommend using a password manager and Single Sign-On tool. ”

Collaboration and productivity tools we use at Tessian

Zoom

Used across every department at Tessian, Zoom is a video conferencing platform that helps keep us connected with each other and our customers across continents. Now, we’re even using it for our weekly all-company meetings, which means almost 200 people are joining at once.

It’s made collaboration – especially in isolation – much easier. 

You can record the sessions, break larger groups into smaller teams via Breakout Rooms, and there’s an add-in for calendar systems which makes scheduling virtual meetings as easy as in-person meetings.

While they’ve always offered solutions for educators, healthcare providers, and virtually every other industry, Zoom has developed even more solutions and resources in light of the pandemic. Use this resource to find out how Zoom can support businesses moving to a remote-working model.

Clubhouse

While we use other project management platforms like Trello, Clubhouse is a favorite amongst our product and engineering teams because it’s made specifically for developers and is deeply integrated with GitHub. It makes creating and tracking workflows for features, bugs, sprints, or long-term projects easy.

GitHub

For most engineers, this is an obvious one, but worth mentioning nonetheless. GitHub was built for developers and allows users to host and review code, manage projects, and build software, all in one place. 

Importantly from a security and admin perspective, you can deploy it to your environment or to the cloud. 

OpenVPN

In any remote-working environment, secure access to network resources is the top priority. If employees can’t access their work, they can’t do their jobs. And, to prevent employees from sending work emails to personal accounts or exfiltrating data, organizations have to implement a solution that extends to different sites, devices, and users. 

We use OpenVPN. In addition to extending centralized unified threat management to remote networks, encryption ensures privacy on different Wi-Fi networks. 

Google Drive

We also use Google’s cloud storage system, Google Drive, to enable file sharing in and out of the office.

Again, the name of the game is collaboration and with integrations into other applications like Google Docs, Slides, and Sheets all available on desktop and mobile, it’s easy for different individuals and entire teams to work together. 

But, it’s important that you implement security processes to ensure everything you store in your Drive stays safe. To start, you should secure access to the Drive by enabling 2FA for all Google Accounts and set-up strict policies around sharing documents externally. You should also limit access internally to different Drives. For example, each department can have its own, limited-access Drive in addition to an all-company Drive.

Peakon

Knowing how your employees are feeling is essential for business growth and personal development. Of course, gauging employee engagement and experience is easier said than done and is especially difficult when your entire organization is working remotely.

Peakon does the heavy lifting for you via bi-weekly online surveys and enables HR, People, and Executive teams to make changes to their organization that make an actual impact. How? By gathering feedback from every employee anonymously and comparing results to industry benchmarks. 

IronClad

IronClad is a digital contract platform that makes workflows for legal, finance, sales, and recruitment teams seamless. 

The difference between this application and other services that let people “sign” digital agreements (DocuSign, Adobe Sign, etc.) is that IronClad extracts and catalogs metadata from contracts and integrates with other systems and platforms to make information accessible and actionable. 

Slack

According to the brand’s tagline, Slack is “where work happens” and, while many organizations use it in an office environment on top of email, it’s especially helpful for remote-working teams. 

You can create different channels for different projects or conversations, update your “status” to let your co-workers know you’re ill, in transit, or away from your computer, and even loop in contacts from outside of your organization. 

The company has seen a surge in usage since the outbreak and is rolling out new features to make the app (on both mobile and desktop) easier to use. Better still, there are three different plans available depending on your needs, including a free version

Confluence

Confluence – an Atlassian product – is a knowledge management tool. We use it as an ever-evolving source of truth for our organization: our wiki. Every team inputs and updates key information – from processes to KPIs – so that internally, anyone, at any time, anywhere, can quickly and easily find answers to questions related to onboarding, our products, or internal policies. 

Figma

Used by our product, design, and marketing teams, Figma is a web-based all-in-one design tool that makes collaboration and iteration fast and easy. You can share projects internally or externally with a URL, which means you don’t have to continually upload, save, or sync projects. 

This is huge and means you can move from design-to-code more seamlessly.

Beyond that, there are built-in commenting features that can integrate with Slack so that different people can track progress and flag issues in real-time. 

Astute eLearning

The need for training, whether around compliance, security, or something department-specific, doesn’t go away simply because an organization has moved from an office to a virtual environment.

And, unfortunately, engaging with employees for training can be hard in-person, which means it’s an even bigger challenge while they’re out-of-office.

At Tessian, we’ve used Astute eLearning, a web-based learning experience platform that lets your employees complete online training. Using the platform’s bank of certified videos and skills-assessments, you can monitor your employees’ progress through courses and, from that, identify and close any skills gaps

Top tip: To ensure your employees are enabled to sign-in to all of these different apps securely and quickly, we also recommend using a password manager and Single Sign-On tool. 

Want more information?

As we all try our best to adapt to the “new normal” during these uncertain and challenging times, we’ll continue sharing best practice tips to keep our employees, customers, and the general community secure while working remotely. 

Check back on our blog for the latest updates.