Freelancer Security Setup: Protecting Client Data Without the Complexity
TL;DR
- You handle client data, which makes you a data processor under the nDSG. You need basic security measures, not enterprise tooling.
- A password manager + VPN + 2FA + encrypted backups covers 95% of your obligations for under CHF 10/month.
- The biggest risk isn’t a sophisticated attack. It’s a reused password or an unencrypted laptop getting stolen.
As a freelancer, you probably don’t think of yourself as a cybersecurity target. You’re one person with a laptop, not a company with servers and a security team. But you handle client data: emails, contracts, credentials, project files, sometimes financial information. Under Swiss law, that makes you responsible for protecting it.
The good news: protecting client data as a freelancer doesn’t require enterprise tooling or a security budget. A handful of tools and habits, most of them free or cheap, close the gaps that actually matter.
What the nDSG expects from you
The nDSG (New Data Protection Act) applies to anyone processing personal data in Switzerland, including sole proprietors and freelancers. You don’t need a compliance department, but you do need “appropriate technical and organizational measures” to protect the data you handle.
In practice, this means:
- Unique passwords for every service (no reuse)
- Encryption on your devices (FileVault, BitLocker)
- A secure way to share sensitive files with clients
- Backups that are encrypted and tested
- The ability to delete client data when the engagement ends
If something goes wrong (a breach, a stolen laptop with unencrypted client data), you may need to notify the EDÖB and your affected clients. Having basic security measures in place is both your legal obligation and your best defense against liability.
The freelancer security stack
Here’s what actually matters, in priority order.
1. Password manager (critical)
This is non-negotiable. You log into client portals, project management tools, cloud storage, email, invoicing software, and dozens of other services. If you reuse passwords or keep them in a spreadsheet, a single breach anywhere cascades to everything.
A password manager generates unique passwords for every account and auto-fills them. It also protects against phishing: auto-fill only triggers on the correct domain, so a lookalike login page won’t fool it.
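The domain check behind that phishing protection, as an added example (not code from any password manager): a simplified rule that offers a saved login only on HTTPS pages whose host equals the saved host or is a subdomain of it. The function names, the rule itself and the `.example`/`.test` hostnames are assumptions constructed for illustration; real managers use more elaborate matching.

```python
from urllib.parse import urlsplit


def autofill_allowed(saved_url: str, page_url: str) -> bool:
    """Offer the saved login only on the site it was saved for (simplified rule)."""
    try:
        saved, page = urlsplit(saved_url), urlsplit(page_url)
    except ValueError:                      # malformed URL: never fill
        return False
    if page.scheme != "https":              # no filling over plain HTTP
        return False
    # urlsplit lowercases .hostname and drops userinfo and port for us
    saved_host = (saved.hostname or "").rstrip(".")
    page_host = (page.hostname or "").rstrip(".")
    if not saved_host or not page_host:
        return False
    # Exact host, or a subdomain of it. The leading dot keeps
    # "myportal.client-bank.example" from matching "portal.client-bank.example".
    return page_host == saved_host or page_host.endswith("." + saved_host)


# Constructed sample data: one saved login and the pages a user might land on.
SAVED = "https://portal.client-bank.example/login"
PAGES = [
    "https://portal.client-bank.example/login",              # the real site
    "https://sso.portal.client-bank.example/",               # subdomain of it
    "https://portal.client-bank.example.login-check.test/",  # real name used as a prefix
    "https://portal.client-b\u0430nk.example/",              # Cyrillic "a" homoglyph
    "https://myportal.client-bank.example/",                 # sibling host
    "http://portal.client-bank.example/login",               # right host, no TLS
]


def audit(pages):
    """Map each page URL to whether the saved login would be offered there."""
    return {url: autofill_allowed(SAVED, url) for url in pages}


if __name__ == "__main__":
    for url, ok in audit(PAGES).items():
        print("fill" if ok else "skip", ascii(url))
```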
Recommendation: Bitwarden (free tier is excellent) or 1Password (~CHF 3/month, better UX and breach monitoring).
2. Two-factor authentication (critical)
Enable 2FA on every account that supports it, starting with email (your email is the recovery path for everything else). Use an authenticator app (Google Authenticator, Authy), not SMS. If budget allows, a YubiKey (~CHF 50) for your most critical accounts is the strongest option.
Your password manager can store TOTP codes, which is convenient but means a compromised master password exposes both layers. For maximum security, keep 2FA codes in a separate app.
3. Device encryption (critical, free)
Enable full-disk encryption on every device you use for work:
- Mac: FileVault (System Settings → Privacy & Security)
- Windows: BitLocker (Pro) or Device Encryption (Home)
- Phone: Enabled by default on modern iOS and Android
If your laptop is stolen, encryption means the thief gets hardware, not your client data. Without it, everything on that drive is accessible.
4. VPN (important)
A VPN encrypts your internet traffic. This matters most when you work from cafés, coworking spaces, hotels, or any network you don’t control. Even at home, a VPN reduces your ISP’s visibility into your browsing.
Recommendation: NordVPN (~CHF 3.50/month, fast, Swiss servers, independently audited) or Proton VPN (Swiss-based, free tier available).
Set it to auto-connect on untrusted networks. Most VPN apps make this a single toggle.
5. Encrypted backups (important)
The 3-2-1 rule: three copies, two storage types, one offsite. For a freelancer, this can be simple:
- Time Machine or Windows Backup to an external drive (encrypted)
- Cloud backup (iCloud, Google Drive, or a dedicated service) with encryption enabled
- Test restoring a file once a quarter to confirm it works
If ransomware encrypts your working files, a backup is the difference between a bad day and a catastrophe.
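One way to run the quarterly restore test, as an added example (not from the original article): restore a folder to a scratch location and compare SHA-256 hashes against the working copy. Paths and file contents are constructed, and the comparison assumes the files have not been edited since the backup was taken.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in 1 MiB chunks so large deliverables do not load into memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_restore(source: Path, restored: Path) -> dict:
    """Compare every file under `source` with its counterpart under `restored`."""
    report = {"ok": [], "missing": [], "corrupt": []}
    for src in sorted(p for p in source.rglob("*") if p.is_file()):
        rel = src.relative_to(source)
        dst = restored / rel
        if not dst.is_file():
            report["missing"].append(rel.as_posix())      # never made it into the backup
        elif sha256_file(src) != sha256_file(dst):
            report["corrupt"].append(rel.as_posix())      # restored, but content differs
        else:
            report["ok"].append(rel.as_posix())
    return report


def demo() -> dict:
    """Constructed sample: a working folder and a restore with two defects."""
    with tempfile.TemporaryDirectory() as tmp:
        work, restored = Path(tmp, "work"), Path(tmp, "restored")
        (work / "client-a").mkdir(parents=True)
        (restored / "client-a").mkdir(parents=True)
        (work / "client-a" / "contract.txt").write_text("signed 2024-01-15")
        (work / "client-a" / "invoice.csv").write_text("item,chf\ndesign,1200\n")
        (work / "notes.md").write_text("handover checklist")
        (restored / "client-a" / "contract.txt").write_text("signed 2024-01-15")
        (restored / "client-a" / "invoice.csv").write_text("item,chf\n")  # truncated
        # notes.md is deliberately absent from the restore
        return verify_restore(work, restored)


if __name__ == "__main__":
    print(demo())
```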
6. Secure file sharing (nice to have)
Stop sending sensitive files via email attachments. Use a service with end-to-end encryption:
- Tresorit (Swiss, zero-knowledge encryption)
- Proton Drive (Swiss, integrated with Proton ecosystem)
- 1Password for sharing credentials with clients securely
What this costs
| Tool | Option | Cost |
|---|---|---|
| Password manager | Bitwarden Free | CHF 0 |
| 2FA | Google Authenticator | CHF 0 |
| Device encryption | FileVault / BitLocker | CHF 0 |
| VPN | Proton VPN Free | CHF 0 |
| Cloud backup | iCloud 200GB | CHF 3/mo |
Minimum viable stack: CHF 3/month. Upgrade to premium tools (1Password + NordVPN) for ~CHF 10/month total.
Common mistakes freelancers make
- Using personal accounts for client work. Separate your work email, cloud storage, and tools from personal ones. A breach of your personal Netflix account shouldn’t cascade to client data.
- No encryption on external drives. That USB stick with client deliverables? If it’s unencrypted and you lose it, that’s a potential data breach under the nDSG.
- Sharing passwords via chat. WhatsApp, Slack DMs, email. All of these are searchable and persistent. Use a password manager’s secure sharing feature instead.
- No plan for device loss. Know how to remotely wipe your laptop (Find My Mac, Find My Device on Windows). Enable it now, not after it’s gone.
- Ignoring updates. Patch management sounds like a corporate concept, but it applies to you too. Enable automatic updates on your OS and apps. Updates are how known vulnerabilities, including zero-days once a fix is available, get patched.
The 30-minute setup
- Install Bitwarden or 1Password. Import browser-saved passwords. Let it flag reused ones.
- Enable 2FA on your email, cloud storage, and banking.
- Verify FileVault/BitLocker is on.
- Install a VPN. Set it to auto-connect on public Wi-Fi.
- Confirm your backup is running and encrypted.
That’s it. Five steps, 30 minutes, and you’ve addressed the security gaps that actually matter for a solo operator. Everything else is optimization.
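A scripted version of the "verify FileVault/BitLocker is on" step, as an added example (not from the original article): it parses the output of macOS `fdesetup status` and Windows `manage-bde -status`. The function names and sample outputs are constructed, and the BitLocker parser assumes English-language output.

```python
import platform
import subprocess


def filevault_enabled(output: str) -> bool:
    """True if `fdesetup status` output reports FileVault as on."""
    lines = output.strip().splitlines()
    return bool(lines) and lines[0].strip() == "FileVault is On."


def bitlocker_protected(output: str) -> bool:
    """True if `manage-bde -status` output shows protection switched on.

    An encrypted volume with protection suspended reports "Protection Off",
    so the conversion status alone is not enough.
    """
    for line in output.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() == "Protection Status":
            return value.strip() == "Protection On"
    return False


def disk_encryption_enabled():
    """Run the platform's own tool; None means no check exists here for this OS."""
    system = platform.system()
    if system == "Darwin":
        cmd, parse = ["fdesetup", "status"], filevault_enabled
    elif system == "Windows":
        # manage-bde must be run from an elevated prompt
        cmd, parse = ["manage-bde", "-status", "C:"], bitlocker_protected
    else:
        return None
    result = subprocess.run(cmd, capture_output=True, text=True)
    return parse(result.stdout)


# Constructed sample outputs for the two parsers.
SAMPLE_MAC_ON = "FileVault is On.\n"
SAMPLE_MAC_OFF = "FileVault is Off.\n"
SAMPLE_WIN_ON = "Volume C: [OS]\n    Conversion Status:    Fully Encrypted\n    Protection Status:    Protection On\n"
SAMPLE_WIN_SUSPENDED = "Volume C: [OS]\n    Conversion Status:    Fully Encrypted\n    Protection Status:    Protection Off\n"

if __name__ == "__main__":
    print("Disk encryption enabled:", disk_encryption_enabled())
```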