The 3 P's of Information Security and Records Management for remote workers


Organizations around the world are facing new and unparalleled challenges related to the COVID-19 pandemic. And whether employees work in a cubicle or from home, how you manage records and data is no different – everyone must comply with organizational policies. Download our best practices guide for maintaining the security and privacy of your information during this unprecedented time.

24 May 202212 min
The 3 P's of Information Security and Records Management for remote workers

Smaller businesses are more vulnerable to cybercrime, because unlike bigger firms, they are less likely to have teams of IT specialists in place to prevent or respond to a data breach, or the resources to invest heavily in cyber security.
Zurich Insurance UK

With each employee you have working remotely, cracks in the information security foundation can start to spread. Hackers know how to exploit vulnerabilities for financial gain with cyberattacks, ransomware and phishing emails on the rise.

The last thing your small business needs is an added setback as you try to grow. Help your teams manage through any remote work changes with clear communication around information safety best practices.


Provide all employees with clear and concise written policies covering key aspects of information security. This should also include the acceptable use of their laptops, phones, and other devices. As a starting point for remote working security, consider building out company policies around the following:

  • Conducting company business on personal computers or phones
  • Copying business records to personal devices
  • Sending business records to personal email or any other email outside your company domain
  • Printing business documents at home
  • Using personal flash drives to store business information

The policies don’t need to be lengthy. They just need to be clearly communicated, easily accessible, and understandable. In remote work settings, we recommend providing policies in a digital format with multiple points of contact for questions.


Remote workers need to be extra vigilant regarding the information security on all their devices. Train them to be hyper alert to cyberattacks, ransomware and phishing emails. Warn them that criminals are looking to exploit the spread of COVID to conduct hacking campaigns. Encourage them to use privacy screens to protect their information.

To help maintain a high level of diligent security monitoring, here’s a list of our remote employee do’s and don’ts:

The 3 P's Of Information Security And Records Management For Remote Workers



To deflect brand and reputation threats, it’s imperative to keep personal customer or client data and intellectual property private. Remote employees who handle sensitive records should have formal training in your privacy policies and tools to prevent misuse.

To learn more, visit

It’s important to remind employees working remotely, of best practices for information management and security. In stressful times, people find workarounds, so keep the communication simple and specific.
Arlette WallsGlobal Records & Information Manager, Iron Mountain