You are ready to hire a virtual assistant, but you are concerned about the security?
Here are few important steps to secure your business ahead of hiring a virtual assistant:
- Develop clear security policies
For many small businesses, the VA hire might be the first hire they make, so it’s understandable that they may not have any specific policy in place when it comes to security in the business. Generally speaking, any employee, including a VA, knows the importance of taking care of your data, but it’s good practice to be very clear about your expectations.
Among your business documentation, include policy for data security, privacy and any other points relevant to your security. For example, you might include document classification policy if this is something relevant to you.
You should also give some thought to the types of work that you’ll want your virtual assistant doing and what this gives them access to in your systems. If you can block access to certain things that aren’t necessary for them to have, then this is a good step to take. Alternatively, you might require password access to certain files, which makes it easier to ensure that only those whom you want accessing them can get in.
Consider documenting all of those things that your VA will and won’t have access to, so it’s easy for you to refer to and check up on.
- Look at your systems security options
One thing I’ve noticed business owners doing often is giving the virtual assistant hire (or other outsourcer) their own systems passwords to log into accounts. For example, they hand over their WordPress account details and get the VA to log in that way.
The danger here is that if something does go wrong, they have your login details and you’ll be scrambling to change everything. Besides that, your password is giving them complete admin access to systems and that’s not always appropriate.
For every system that you have, look at the options you have to grant user access. It is much better to create logins particular to the user, and even better if you can restrict what they’re able to do. Take Facebook*link*, as an example – you can give full admin access, or any of a few different options which restrict how much access the person has). This way, if or when the person leaves your employment, no matter what the circumstances, you can simply restrict their access rather than having to change all of your passwords.
In many of these tools, having unique user IDs means that you can also track what other users do in your software. You can see if they appear to be doing anything that is not within the scope of their job.
Another point here is to look at tools or software which include version control with them. This way you can see any changes that have been made and can revert to a previous state if necessary.
Always operate with a password manager
Apart from giving your virtual assistant particular and restricted logins to your systems, you can also greatly benefit from using a password manager with your virtual assistant, especially if the tasks you delegate to your VA require them to have access to your accounts online, whether they be social media platforms, CRM and project management tools, your business email accounts, and your cloud storage drives.
With a password manager, you wouldn’t have to divulge your specific login details to your virtual staff
You’ll be able to share your login credentials with your virtual assistant using the password manager’s sharing feature, and your VA will be able to go into your accounts seamlessly without having to know what your exact passwords are. It’s also easy to withdraw their access to those accounts via the password manager if they leave your employment later on.
- Payment details
What if your virtual assistant job description will include responsibility for booking things? Should you hand over your credit card details? This is a common question, and we do discourage giving out your credit card details for the obvious security implications that doing so entails.
If you really need the VA to be able to use a payment method, consider an alternative, such as:
- Getting them a card in their own name on your business credit account.
- Nominating your VA officially to have access (you’ll need to check with your provider as to whether they will allow this. Make sure they know the VA isn’t an employee where they are a contractor or hired through a third-party company).
- Get a separate, prepaid card that the VA can use, limiting how much they have access to.
- Give them access to a card that only has a very low limit available.
- Use Non-Disclosure Agreements
An NDA is designed to give you some legal recourse should your VA share any proprietary information from your company with anyone else. You’re basically asking them to keep the inner-workings of your business, your customers lists, and any other important information confidential.
An NCC (non-compete clause) may also be known as a CNC (covenant not to compete). When you get an employee to sign this, you are asking them to agree that they will not start a similar business that is in competition with yours. Some of these agreements extend to working for a competitor, barring the employee from doing so within a certain period of their employment with you.
Generally, there will always be some kind of time limit on an NCC and they may be limited by geographic areas too. Courts have upheld these as long as they are considered to contain “reasonable limitations” (you can’t ask someone not to compete forever). The idea is to prevent a former employee or a competitor from gaining competitive advantage through the intimate knowledge they have of your business.
Fears over the security of the business are a common objection from owners who need help, but just aren’t quite sure whether to go ahead and hire a virtual assistant. If you put a few precautions in place though, your business will generally be as safe as any that has co-located employees.
Prepare your business ahead of time by considering the systems you have, the options you have for data security, and exactly what your VA will need access to. Protect your intellectual property where applicable and have an NDA and policy that makes your position abundantly clear.
Securing your business should be a concern, but it shouldn’t be such a worry that it prevents you from getting the help that you need.