Remote Work Security — Study Guide
Review these materials before taking the exam. All links open in the Krumware Confluence IO space.
Key Concepts
- Tailscale is mandatory. Must be installed and active on every device used for work. No exceptions, no workarounds.
- Public Wi-Fi: Always have Tailscale active before connecting. Use mobile hotspot as backup. Forget networks when leaving.
- Home network: Change default router password, use WPA3/WPA2, strong Wi-Fi password, keep firmware updated.
- Work profiles: Personal devices must have MDM work profiles. Work data stays in the work profile.
- Screen lock: Lock when stepping away, even at home. Build the automatic habit.
- Public spaces: Never leave devices unattended. Use privacy screens. No sensitive meetings where others can overhear.
- Travel: Devices in carry-on only. Use hotel safes. Avoid hotel business center computers.
- Printing: Don't print Confidential/Highly Confidential at home. If you must, shred with a cross-cut shredder.
Policy References
| Document | Relevance |
|---|---|
| TRN-006 Remote Work Security Guide | Full training guide — Tailscale, Wi-Fi, home network, work profiles, physical security |
| POL-007 Acceptable Use & Communications Policy | Governing policy — acceptable use of devices, networks, and communications |
| POL-015 Physical Security Policy | Physical security requirements for remote workers (requirements 25-27) |
| POL-003 Secure Configuration & Change Management Policy | MDM enrollment, screen lock enforcement, endpoint configuration |
| POL-005 Vulnerability Management Policy | Tailscale requirement, patching timelines, endpoint security |
| POL-009 Network Security Policy | Network security requirements including VPN/Tailscale |
Related Standards
| Document | Relevance |
|---|---|
| STD-004 Linux Workstation Hardening Baseline | Linux-specific endpoint security requirements including Tailscale, firewall, encryption |
| STD-002 Encryption Standard | Full-disk encryption requirements for all devices |
| STD-003 Password & Authentication Standard | Password requirements, MFA, screen lock credentials |
Related Procedures
| Document | Relevance |
|---|---|
| PRC-008 Monthly Access Review | Monthly review includes remote worker compliance verification |
| PRC-003 Equipment Issuance & Return | Device issuance including MDM enrollment for remote workers |