Security Best Practices When Working from Home

Security Best Practices When Working From Home

A study estimated that roughly 75 percent of the healthcare industry’s online information is infected with malware. That includes 700 organizations and that’s in just one sector alone. During the COVID-19 pandemic, people all over the world had to adjust to working remotely. Even after quarantine is long gone, more and more employees are working from home, and remote jobs are one the rise even during regular days.

Working from home has plenty of perks, such as having more control over your surroundings and completing tasks in your pajamas. However, cyber risks are still a threat at home, and when you’re dealing with potentially sensitive business information, being on guard is vital.

Why It’s Important

You might not give a lot of thought to the type of information hackers could obtain if they infiltrate your online data. Keep in mind that if you have access to project management platforms, spreadsheets, private client information, or any type of financial documents or personal info, you put these at risk if you neglect cyber safety.

Without proper online safety, you could be putting not only your information but also clients’ info, your company’s, and in some cases, potentially put your job at risk. So, how do you make sure you’re using best practices when working from home online?

When it Comes to Wi-Fi

Whether you’re working from a coffee shop, a work-share space, or evening bumming off your neighbor’s Wi-Fi at home, utilizing a public network is always a risk. Whenever possible, avoid using public networks, especially when you’re dealing with any type of sensitive information on your computer or tablet.

If you run a company, it’s a smart idea to enforce a policy about employees using private, secure networks when dealing with sensitive information or business activities.

Use a VPN

A VPN is a virtual private network. Using a VPN is essential to protect yourself if you end up in a situation where you need to utilize a public network connection. If you’re on a public network, such as those in a café or hotel, your incoming and outgoing information such as emails are not secure.

A VPN will encrypt the traffic from your computer, helping to protect your information even when on a public network. If you must use public Wi-Fi, a VPN is a cheap and easy way to protect your device and sensitive information.

Security Protection on Your Devices

Just as company devices should get set up with up-to-date firewalls, antivirus software, web filtering, and encryption, so should your computer or each employee device. With some employment positions, this can be a problematic issue to enforce, as it can infringe on workers’ personal use of their computer or tablet.

If you work from home, it’s generally in your best interest to take the responsibility to make sure you have security software installed and updated to avoid problems. It’s simple enough to protect your devices with security software, and you don’t want to be the one responsible if company information gets hacked.

The minimum you should have covered when it comes to your computer include:

  • Enabling automatic updates
  • Antivirus and Anti-Malware
  • Avoid pirating or downloading suspicious software
  • Block pop-ups and install from legitimate websites instead
  • Don’t click on suspicious links
  • Be smart about your passwords

These are all simple steps everyone can take that go a long way in keeping your devices safe.


When it comes to things like Windows, Chrome, Firefox, or other applications, they can get bugs and continuously encounter security issues. Updates exist to fix these bugs or holes in security, so this is why automatic updates are vital.

Antivirus and Pop-Ups

Antivirus software is pretty self-explanatory in its use. As for downloading cheaper or free software from a site that looks a little sketchy—well, you’re asking for problems if you take that risk.

As for pop-ups, they are an easy place for hackers to redirect you under the guise of something else. Even if you’re trying to install something, see if there is a link on the actual website before clicking a pop-up that could have an address unrelated to the program you’re attempting to run.

Avoid Sketchy Links (Even from Friends)

Some scam emails are simple to spot a mile away—the suspicious address, an odd subject line, a “company” you’ve never heard of with a spammy-looking link inside. Most internet users know to avoid these.

However, it can be tempting to click on the slightly unusual link sent from a known contact, even a close family member or friend. You’ve probably heard of the term phishing. Phishing is when spammers or scammers infect users you may know (again, using secure networks and complicated passwords are vital) and send emails that look legitimate.

Inside, you might encounter a link that seems straightforward, but redirects to a different website. Before clicking on any link, hover your cursor over it and check where it goes. This address will usually pop up on the very top or bottom corner of your screen.

Even if the email seems as legitimate as something from your bank, it could still be a phishing scam. If your bank is ABC Credit Union and you hover over the link, and it redirects to or any other form or sketchy address, do not click.


Now, when it comes to passwords, this is one super widespread yet straightforward area of cybersecurity that gets overlooked. Hackers are smart, and some can find ways to figure out your password to a site—especially if your password is too simple, too obvious, or is a form of your essential information like your birthday.

This is why it’s crucial to use different passwords for various sites, especially when it comes to sensitive work information. Changing your passwords once in a while, not just when you forget them, is also a smart idea.

Yes, we understand, these days you need to remember so many passwords it can be frustrating to come up with a new one for every login. We recommend using a password manager site such as LastPass, where you can automate passwords and keep them stored, diversified, and backed up.

If you’re unwilling to use a dedicated site for them, you can keep your passwords in a locked note on your phone. Using this method is not the most secure, but can help if you can’t remember them.

You can even utilize an old fashioned notebook (preferably with some sort of lock or at least in a different place than your computer if you’re in public). If you’re going to use this method, by all means, keep that notebook in a private place and never leave it with your device in a public place!

We highly recommend a more secure password management system than this method, but it’s better than using an over-simple password, and the same one for every login.

You must not use passwords that anyone can guess, for example, 1234, or 1111, or even “password” as your login. These passwords are too simple and too obvious. Anyone can guess these, even those who are not a pro at hacking.

When selecting passwords, it’s best to use more characters if possible, for example, eight to ten instead of six. If you can mix numbers and letters along with a special character or uppercase and lowercase, that’s even better.

Again, don’t make it something easy to guess, and don’t create a password that is any type of personal information someone could use if they found your essential information.

Other Considerations

The above are essentials for every computer user to follow, regardless of whether you travel with a computer back and forth from work to home or if you never leave your house, and your device never moves.

If you move about with your computer now and then, or if you run a small company that has employee emails, be extra aware of a few more steps.

Physically Protect Your Devices

It’s not just cyber hacking you need to think about when working from a computer or tablet from home or in any other remote location. If someone can get their hands on your device, you run the risk of compromising your information or your company’s.

If you live alone or never leave your house with your laptop, you might not need to stress quite as much about this issue. However, you still need to use common sense. If you have people over, keep your devices in a safe place where lurking eyes or more distant acquaintances can’t get to them.

You also don’t want to flaunt your computer or tablet right by a window where an intruder could easily break in and get away with your equipment. If you go for a stroll around the block, lock the door to your house or apartment.

If you find yourself working in a coffee shop or any other public place, never leave your devices out of your sight. It might be pleasant to think well of the people around you and hope no one would dare to steal your computer, but in reality, that’s not always the case.

If you must get up to use the restroom, leave something less valuable to save your seat and take your device with you in a bag to hang on a hook where you can keep your eye on it. Or forfeit your table — it’s better than losing your personal information to a thief, or your whole computer as someone walks out the door with it.

Encrypt Your Email

You can lock the door to a lot of cybercriminals by encrypting your company’s emails with software like Mimecast. Programs like this can help reduce phishing, spam emails, and can help to spot delicate information, such as passwords, that no one should share via email.

USB and Other Removable Devices

USB sticks are a scarily simple way for viruses and malware to infiltrate your computer. Even if you receive a USB from a conference, it could infect a device. Malware can be on these handouts without the knowledge of those who organized the event.

Have your IT department check it first, and don’t allow anyone to plug a random USB into your device. It’s not just a scene from modern heist movies; a removable device is a real-life way for someone to install malware or capture information from your computer.

The Takeaway

A study through the University of Maryland estimates there is a hacker attack roughly every 39 seconds. That’s a frightening number, especially as we live more of our lives online, and especially when your entire job is done remotely via your computer or another device.

However, the positive news is that with just a little forethought and investing in a few software applications and protective practices, you can guard yourself against these attacks. Spend a bit of time protecting your computer and use common sense about online safety, and you’ll go a long way in keeping yourself much safer online.

Vivian Choi

Vivian lives in Brooklyn. She went to school at Stony Brook University, where she studied Computer Science and English. She’s created apps, designed websites, and even published a few short stories. When she’s not coding or writing, she likes walking with her husky named Roscoe.