In our last blog, we talked about Policies and Procedures manuals and the
reasons it is important to have a manual for your firm – no matter the
size. This blog is going to focus on
another important aspect of policies and procedures – your remote workers
More and more firms (and, of course, other businesses) are giving
employees the flexibility of working from home.
In some cases, attorneys will work full time from their home offices. Along with all of the benefits of working
from home, there can be security concerns.
We need to make sure that we are guarding the confidentiality of our
clients just as carefully in these home office situations.
Below is a list of items you may want to consider including in your
remote worker policy:
Employee should have a dedicated workspace.
Computer provided by the firm, accessed by
assigned user only, credentials are never shared, and it is used for work only.
Computer should be locked when not in use and
should be password protected.
Malware/virus software should be maintained and
updated by the firm’s IT personnel.
Wi-Fi/Internet at home – high-speed connection
with ample signal strength and must be secured with WPA or greater encryption.
Laptops should not be accessed in off-site
locations utilizing public/open Wi-Fi connections. If the employee must work at an off-site location,
the employee should use his/her phone as a hot spot.
Laptop should be password protected, encrypted,
and kept safe and secure – preferably never left in the car. If laptop must be left in the car, it should
be put in the trunk or somewhere completely out of sight.
Any documents containing confidential,
privileged or other protected information that are printed at home need to be
No work documents should be accessed from any
When taking work-related phone calls at home (or
at any other location), employee should make certain no one can hear the
Clients should only be contacted using firm
email accounts. Gmail and other
web-based email accounts are not as secure.
Employees should email personal contacts using
only their personal email accounts.
Personal email accounts should not be integrated with the firm email
The above list is certainly not an exhaustive list but instead offers some
suggestions to get you started. We also advise our clients to institute cell
phone and e-security policies. We recommend working with your IT professional to
develop your own comprehensive remote worker and e-security policies.
Since statistics show that remote work is here to stay, it benefits us,
our clients, and our employees to have clear, specific guidelines in
I am a NC licensed attorney and practice in The Brocker Law Firm, P.A. I represent attorneys before the State Bar on grievance matters, and also counsel attorneys on ethics matters. I previously served as Assistant Ethics Counsel to the NC State Bar for over 10 years. View complete profile