Skip to main content

Remote Work Guidelines

Document
RFD 4
Status
published
Version
1.0.0
Created
2026-01-01
Updated
2026-02-15
Authors
Ananya
Reviewers
Anjul Sahu
Visibility
public
warning

This is a public document.

Remote Work Guidelines

We are a remote-first organization. Remote work is a privilege, not a right. We often tend to mix remote work with flexibility that may result in unpleasant experience and misalignment on the expectations. Please read and understand how to best utilize this privilege.

This policy establishes guidelines to ensure the efficiency, security, and well-being of our people, who work remotely. This policy addresses key aspects such as communication, data security, device security, punctuality, availability, client data protection, cybersecurity, and data privacy.

info

In case of any queries, reach out to people ops team (#people-ops channel on slack or email).

Scope

This policy applies to all who are employed by CloudRaft and who have been authorized to work remotely, either on a full-time or part-time basis. It covers all remote work arrangements, including working from home or any other location outside the company's physical offices.

Communication

  • Availability: You must be available and responsive during their agreed-upon working hours. Standard working hours should align with the company's core business hours and client's business hours unless otherwise approved by the manager. Use OOO setting in your email, Slack status updates and #out-of-office channel in Slack to reflect your availability.
  • Communication Tools: You are required to use company-approved communication tools, including email, instant messaging platforms (Slack), video conferencing software (Google Meet/Zoom), for all work-related communications. Unauthorized use of non-approved platforms for company communications is prohibited.
  • Meetings and Standups: You are required to attend all scheduled virtual meetings, standups, one-on-one sessions and other team events such as Fun Thursdays, All hands unless excused with prior notice. Please try to keep your video on during meetings to make it easier. Sometimes, it is expected to have quick huddles and you are expected to be available for quick responses.
  • Reporting: It is best to provide regular updates proactivey via async communication channels such as project slack channel. This includes daily or weekly status, depending on the team's requirements and the nature of the work. Delaying too long to report can lead to miscommunication and inefficiency. We encourage you to regularly put the the details in the task tracking system (currently, it is Clickup and Clockify for time tracking).
  • Communication:
    • Try to over communicate and follow a general practice of giving full context to your colleagues. For example, just saying "Hi xyz, I need your help", may not be useful in async remote setup, try to give full context, why are you contacting. For example, it could be “Hi xyz, I am facing an issue with x and need your help in resolving this to unblock y”.
    • Try to minimize 1:1 DMs for problem solving and use the common channels (for each Project we have separate channels) so others can also add value and see the discussion. This historical context is useful for future discussions and new joiners who want to understand what is going on.
  • Slack Profile: Please keep your slack profile updated with your photograph, contact details (email + phone) and who you are to make it easy for others.

Important Slack Channels for Communication:

  • general: Limited to leaders and HR team for communicating important company wide announcements.
  • out-of-office: For informing everyone when you are not available to work
  • random: For sharing random posts, news, articles, etc
  • water-cooler: For discussing any non-work related stuff.. your hobbies, what movie you are watching or could be related to any latest news or events
  • int-<project-name>: For internal discussions related to a project.
  • ext-<project-name> or cloudraft-<client-name>: For external discussions related to a project. This channel includes client.

Data Security

  • Confidentiality:
    • You must uphold the confidentiality of all company and client information. Data should only be accessed and processed in secure environments, and not in public spaces or unsecured networks such as Cafes, Airports, etc.
    • Protecting client information is everyone's responsibility. Don't discuss them in public setting. Follow Client's information security policies first and then ours.
  • Data Storage: All work-related data should be stored on company-approved Google Workspace accounts or Project's GitHub repository. Personal devices should not store sensitive company data unless approved for such use.
  • Access Control: You should use strong, unique passwords and enable multi-factor authentication for all company systems. Credentials must be kept confidential and not shared with unauthorized individuals.
  • Data Transmission: Sensitive data should be transmitted using secure channels, such as encrypted email or company VPNs, to prevent unauthorized access.

Device Security

  • Company vs. Personal Devices: You should use company-provided devices whenever possible. If personal devices are used, they must meet the company's security standards and be pre-approved for remote work.
  • Software and Updates: All devices used for remote work must have up-to-date operating systems, software, and security patches. You are responsible for ensuring that antivirus and anti-malware programs are installed and regularly updated.
  • EDR Agent: All devices must have the Wazuh EDR agent installed and running. This is essential for monitoring and detecting potential security threats.
  • Physical Security: Devices should be kept in a secure location when not in use. You should lock their devices when stepping away and ensure that no unauthorized individuals have access to company equipment.
  • Reporting Theft: In case of theft, loss, or damage to company devices or your own devices where company data is stored, you must immediately report it to your manager and the HR by calling them and a police complaint should be registered within one hour of discovery of the incident. The Manager need to take further action and report to the client if necessary. Please don't contact the client directly.

Punctuality and Availability

  • Working Hours: You are expected to work in the designated hours, typically aligning with the company's core hours, unless otherwise agreed upon with their supervisor. Flexibility may be allowed, but must be communicated and documented. Flexibility and remote work is a privilege, it works best when you coordinate well with your team, manager and the client. You need to proactively communicate your availability and get approval from your manager on Slack.
  • Breaks and Downtime: Since we do a desk job, it is encouraged to take frequent breaks to maintain health and productivity. A quick 5-10 minutes coffee break or a short stroll is okay or if you want to do a quick errand that may take few minutes at home, it is usually fine and doesn't need any approval. You should be available on the phone and respond. Again try to be more communicative via Slack update or a quick message.
  • Response Time: You should try to respond to emails, messages, and calls within a reasonable timeframe (up to few minutes) during working hours to have the right productivity level for your team. They shouldn't be blocked on you for a long time.

Client Data Protection

  • Data Handling: You must ensure that client data is handled with the highest level of security and confidentiality. Data should only be accessed and used for authorized purposes.
  • Data Sharing: Client data should only be shared with authorized personnel and through secure, company-approved methods. Unauthorized sharing of client information is strictly prohibited.
  • Data Retention and Disposal: Client data should be retained according to legal and company guidelines. Proper disposal methods must be followed to ensure data cannot be recovered or misused.

Cybersecurity and Data Privacy

  • Phishing and Scams: You should be vigilant about phishing attempts and other scams. Suspicious communications or potential security threats must be reported to the your manager immediately. This is more common than you think. A phishing email usually has poor grammar, shows urgency, coming from unusual email address or trying to have some finacial motive in the messaging.
  • Data Privacy Compliance: You must comply with all applicable data protection laws and the company's data privacy policies, including client specific policies.

Training and Awareness

  • Ongoing Training: You will receive ongoing training on remote work best practices, data security, and privacy. Training sessions may include simulated scenarios, workshops, and updates on the latest security threats.
  • Policy Updates: You will be informed of any updates to this policy and are expected to comply with the latest guidelines. Regular reviews and acknowledgments of the policy may be required.

Compliance and Consequences

  • Adherence: You are required to adhere to this policy. Non-compliance may result in disciplinary action, which could include revocation of remote work privileges, written warnings, suspension, or termination of employment.
  • Monitoring: The company reserves the right to monitor your remote work activities, including internet usage and access to company systems, to ensure compliance with this policy and protect company assets.

Coworking Space Usage

  • Coworking: You are encouraged to explore coworking spaces in their respective areas. In case of unforeseen situations such as power outages, or Internet issues, you can work from these coworking spaces, with the company reimbursing up to ₹500 per day. If the deviation in your spending is more, please discuss with HR team. Your productivity shouldn't suffer because of such issues.
  • Reimbursement: as per the terms defined, you will be reimbursed for the expenses incurred for coworking space usage. Discuss with HR team in case of any questions.

Flexibility: What it means?

23 Feb 2026 Note from Anjul

Remote-first is something I've believed in from day one, and that hasn't changed. But I've been watching a pattern develop that I want to address head-on, because if I don't, it's going to become a real problem.

Some of us have started treating flexibility as "do whatever, whenever." It isn't. Flexibility means you get to decide how you structure your day — not whether you show up for it.

Here's what I've been seeing:

  • People going offline with no warning, leaving teammates and clients hanging
  • Meetings missed or skipped because of personal commitments that could have been planned around
  • Availability that nobody can predict, which means nobody can rely on you
  • Personal errands running through the middle of the workday

This erodes trust — with your team and with clients. It also just makes us slower and less effective than we should be.

WHAT’S CHANGING

  • Be available during business hours. 9:30 AM to 6:30 PM is the baseline. You don't have to follow that exact window — if 10–7 works better for you, or you split your day, that's fine. But pick a schedule, tell the people who work with you, and stick to it. Unpredictability is the problem, not the hours themselves.
  • Keep personal errands out of the workday. A quick doctor's visit or bank run that genuinely can't happen outside work hours — fine, we're human. But the gym, personal appointments, household stuff — plan those around work, not through it.
  • Team meetings are not optional. In a physical office, you wouldn't skip a meeting to run a personal errand. Same rule applies here.

The simplest way I can put it: imagine you're going into an office every day. What would you do? Do that.

I'm not pulling back on flexibility. I'm asking you to treat it as something that works because we're disciplined about it — not something we take for granted.

Anjul