Remote work is everywhere in Albuquerque

Remote work isn’t temporary anymore. And your security needs to reflect that reality.

Your team might be working from:

  • A coffee shop in Nob Hill
  • A table at Flying Star
  • A co-working space downtown
  • A hotel during a business trip
  • Or their kitchen table at home

That flexibility is great, but it also creates risks most businesses haven’t fully addressed.

Because the truth is:

  • A coffee shop is not a secure office
  • Public Wi-Fi is not a safe network
  • And “working from anywhere” requires new rules

And if your business handles sensitive data, it isn’t just a security issue; it’s a compliance issue.

Under the FTC Safeguards Rule, you are responsible for protecting customer information, no matter where your employees are working. So here’s 8 things you need to keep in mind while planning your remote team’s cyber security.

1. Remote Work Doesn’t Change Your Responsibility

Let’s get the biggest one out of the way. One of the most common misconceptions is this: “If my employee gets hacked while working from home (or a coffee shop), that’s on them.”

But that’s not how regulators, or insurance companies, see it.

If your team accesses client data, sends financial information, or works on tax returns, your business is still responsible for protecting that data. Even if it’s being accessed from a café, hotel Wi-Fi network, or a personal home internet connection.

The location doesn’t matter. The responsibility does.

2. Public Wi-Fi is a Real Risk (Even in Familiar Places)

It’s easy to feel comfortable working somewhere you’ve been a hundred times.

But whether it’s a local restaurant or an airport lounge, public Wi-Fi has the same problems everywhere.

Most public networks:

  • Lack proper security
  • Are shared with dozens of strangers
  • Have little to no monitoring
  • Can be easily spoofed

If an employee connects to an unsafe network and client data is exposed, that can be considered a failure to protect customer information.

And, if there’s no clear policy or enforcement around public Wi-Fi use, you may not be able to prove you took “reasonable steps” to protect data.

3. If Your Team Works Remotely, VPN Isn’t Optional

If there’s one rule every Albuquerque business should enforce, it’s this: No VPN = No access to company systems.

A VPN (Virtual Private Network) encrypts your internet connection. That means even if someone is watching the network, they can’t read the data.

Recommended practices:

  • Make the VPN automatic (no extra steps for employees)
  • Require it before accessing email, files, or systems
  • Remove the option to “skip it”

This isn’t just best practice. It’s part of demonstrating you have proper safeguards in place.

Because if VPN is optional, people will skip it. Especially during a busy day.

4. Physical Risks Are Real, Even as Simple as Someone Looking Over Your Shoulder

Picture this. An employee is working on client tax returns at a busy coffee shop in Albuquerque.

Someone sitting nearby can read at the screen, see sensitive information, and secretly snap a quick photo.

That’s called visual hacking, and it’s more common than most people realize. From a compliance standpoint, this is still exposure of sensitive customer information.

FTC Safeguards doesn’t just apply to digital threats, it also applies to how data is handled in real life.

The fix is simple:

  • Use privacy screens on laptops
  • Sit with your back to a wall when possible
  • Be aware of who’s around you
  • Avoid sensitive work in public spaces.

It’s low-tech, but effective.

5. Losing a Device Is Easier Than You Think

In an office, it’s normal to step away from your desk. But at a coffee shop or co-working space, that same habit can cost you a device.

And it only takes a few seconds. A quick trip to grab another coffee, a distraction, someone walking by. And the laptop vanishes.

If the device contains client data, saved credentials, or access to your systems, that’s not just a lost device. That’s a potential reportable incident.

FTC Safeguards requires you to protect systems and data, control access, and reduce the risk of unauthorized exposure.

Clear rules for your team:

  • Never ever leave devices unattended
  • Keep devices secured at all times
  • Use encryption and access controls

6. Be Careful What You Say in Public

It’s easy to forget how much people can hear. Even in a noisy environment, conversations carry.

Client names, financial details, and internal business discussions could all be overheard. From a compliance perspective, that’s still exposure of nonpublic information.

Employees should:

  • Avoid discussing sensitive topics in public
  • Step outside or into a private space for calls
  • Be aware of who might be listening

7. Your Team Needs Clear Rules (So They Don’t Have to Guess)

Most employees aren’t trying to break security rules. They just don’t know what the rules are.

But FTC Safeguards requires more than just rules. It requires you have documented, enforceable policies.

A proper remote work policy should clearly define:

  • When public Wi-Fi is allowed (or not allowed)
  • VPN requirements (mandatory, not optional)
  • Rules for handling sensitive data in public
  • Approved work environments
  • Device security expectations

And just as important, you must train your employees on these rules.

Because if something goes wrong, one of the first questions will be, “Did you have a policy, and was it enforced?”

8. Remote Security Also Impacts Your Cyber Insurance

Cyber insurance carriers are getting stricter, especially for CPA firms and financial businesses.

If you file a claim but you didn’t enforce VPN usage, didn’t have clear remote work policies, and/or didn’t train your employees, there’s a real risk your claim could be denied.

So, this isn’t just about preventing incidents. It’s about being able to prove you did things correctly.

Remote Work Isn’t the Problem.

Remote work is here to stay, and it can be a huge advantage for your business.

But your security and compliance approach have to evolve with it.

Your data doesn’t know whether it’s in your office, at a coffee shop, or at the kitchen table, but it still needs to be protected the same way it is in your office.

A Simple Question for Your Business

If one of your employees is working from a coffee shop right now…

Are they following a documented, enforceable remote work policy OR are they just doing what feels convenient?

How We Help Albuquerque Businesses Secure Remote Work

At Haider Consulting, we help Albuquerque and Central New Mexico businesses, especially CPA firms and regulated industries, secure remote work while meeting FTC Safeguards requirements.

We focus on:

  • Practical, enforceable policies
  • Secure remote access (done right)
  • Employee training based on real-world scenarios
  • Documentation that supports audits and insurance

So your employees can work from anywhere, without putting your business at risk.

Want to see where your current setup might be exposed?

Schedule a quick 17-minute discovery call. We’ll walk through your current setup and show you where the risks are so you can secure your business.

Call us at 505-821-6070 or schedule a 17-minute discovery call.

Book My 17-Minute Call

Because if something went wrong tomorrow, you need confidence that your remote work structure would hold up under an audit or insurance claim.

Download your free guide:

7 Steps for Better Cyber Security in Your Business

Cybercrime is at an all-time high, and hackers have set their sights on small and medium sized businesses. Don’t be their next victim!

Our 7 Steps will get you started in protecting the business you’ve worked so hard to build.

Fill out the form to get the guide now!