Secure Remote Working Policy

Introduction

Understanding the risk that flexible-hybrid working introduces to Redgate can improve the security of working practice. This policy outlines the expectations for flexible-hybrid working with respect to the security of both personal and Redgate owned mobile devices (e.g. mobile phones, laptops, etc) and, more importantly, the information that those devices contain.

Scope

This policy applies to Redgaters, contractors and agents (collectively referred to as “Team” in the rest of this policy).

Policy

Working on portable devices

Working on Redgate services is only allowed from Redgate devices, or devices that comply with Redgate’s Bring Your Own Device (BYOD) Policy.

Personal devices include (but not limited to):

• Mobile phones
• Laptops
• Tablets

Who can work remotely

Please refer to Redgate’s Flexible-hybrid Working Policy

When can you work remotely?

Please refer to Redgate’s Flexible-hybrid Working Policy.

Redgate's expectations of remote workers

Please refer to Redgate’s Flexible-hybrid Working Policy.

Health and Safety

Please refer to the Health & Safety Policy for how Redgate supports flexible-hybrid working.

Confidentiality

Redgate expects our Team to maintain the same high levels of confidentiality and integrity when working remotely or at home as they would when working in the office. As such, good practice such as screen locking, making sure your screen isn’t overlooked, clearing your desk and locking away sensitive data should all be practiced remotely or at home as you would in the office.

How to work safely when working remotely

There are potential risks when working remotely. This section aims to address the most significant risks but will not be exhaustive. At a high level, we would ask that you apply common sense to your working conditions and environment.

Protecting from theft

We would consider your home to be a safe environment, unless you house-share with individuals you don’t know well.

If sharing your home with others, or you have small children, you must:

• Not leave your laptop (or other work devices, or BYOD) unattended where accessible by others.
• Screen lock your device/s when not in use.
• Prevent all non-Redgate staff from using your device/s

When working in a public place, you must take special care to:

• Not leave your device/s unattended
• Keep your device/s close to you at all times, or locked in a secure location
• Where possible work where you are not overlooked (for example, with your back to a wall)

In any remote setting, always keep paperwork with you, or otherwise secured.

Information security

You must always be aware of the requirement to adequately protect the information you work with. This means that:

• You must not use untrusted networks (e.g. free Wi-Fi ) unless you can secure communication over that network .
• Do not download Restricted information more than is necessary to carry out your role
• This policy should be read in conjunction with the Clear Desk and Clear Screen Policy and Bring Your Own Device Policy, Information Classification Policy.

Policy Compliance

All information in Redgate’s Information Security Policies and IT Guidelines that apply in the office also remain applicable when working from outside of the Redgate office or when working from home, specifically:

• The Acceptable Use Policy;
• The Access Control Policy; and
• The Bring Your Own Device Policy
• The Information Classification Policy

Use of Redgate owned technology and systems must be in keeping with our Information Security-related Policies. Failure to do so may result in disciplinary action.