Being a remote contractor has its benefits–like not having a boss, working in your pajamas, and all the insane things that we say we could do (but never actually do them). However, with this freedom comes great responsibility. Security. Keeping your client’s data secure is top priority, a serious error could result in losing your hard-won reputation or –in extreme cases– a lawsuit.

Last week we addressed Securing Your Business When Using Remote Contractors. Now, let’s turn our attention to remote contractors’ handling of potentially sensitive data – are you doing everything you can to protect your clients?

Basic Security

My earlier post on Securing Your Home Network – is  a good basic primer to lay the groundwork for your security plan. But the basic checklist is: VirusScan, Anti-Malware and a good Firewall. If you have any doubts about the authenticity of an application that you’re running, Sandboxie is a great Windows application that will run any program in a virtual environment, safe from your local files.

A password on your computer is a good deterrent if your computer is off, but if you’re worried about physical access, consider enabling the screen-saver to lock your machine as well–see Microsoft’s instructions for more on how to enable this feature in XP.

Testing Environment

If you’re developing software or web solutions for a client, then it’s common to put your client’s data on some kind of test server. Make sure you know the nature of the data and how secure the server is. If you’re using a hosted solution, make sure it’s a reputable provider with good security, and if you’re using a cloud solution like Amazon’s AWS, it is worth reading Amazon’s Security Best Practices Whitepaper. In cloud environments with so much control over the servers, you are responsible for server configuration, so make sure you know how to secure it.

Backup

While it’s arguably better to have your work lost forever than for it to be stolen, it’s a good idea to keep a secure backup. While an external hard drive is a good start, it’s vulnerable to the same disasters that your computer is: drive failure, fire, flood, theft, etc. Secure remote backup services like Carbonite, or even something as simple as DropBox or SugarSync use 128-bit (military grade) and/or 256-bit AES encryption to transmit/store data.  So, as long as you understand the “sharing” features of these services, it’s a good option for keeping secure backups.

The bottom line is, backups are good. Just make sure you and your client are the only ones who can access them.

Project Cleanup

Be sure you discuss a cleanup plan for after the project is completed. Some clients may want you to keep a courtesy backup for 30-90 days, others may prefer that you delete all of the files upon delivery. Make sure you ask up front, and double check at the end of the project as well to avoid any problems.

The key to security is awareness and knowledge: be aware of the tools you’re using, how they work and who has access to your data–both online and through physical access.

Alex Hornbake is one of several freelance writers on the oDesk Blog team. He joined the oDesk marketplace in 2009, and brings more than a decade of technical expertise to his clients. Alex shares his point of view to help you make informed decisions for your personal and business technology choices.