Work From Home – Security Checklist

Work From Home

With the rise of remote work arrangements, ensuring the security of your work-from-home setup is more important than ever. Whether you’re a freelancer, remote employee, or entrepreneur, safeguarding your digital workspace is essential to protect sensitive information and maintain productivity.

To help you create a secure work-from-home environment, we’ve compiled a comprehensive security checklist covering various aspects of remote work.

1. Cybersecurity

Cybersecurity is a critical concern for companies that have employees working from home. Remote workers may not have the same level of security as those working in an office, and may be more vulnerable to cyberattacks.

To ensure the security of remote workers, companies should implement a comprehensive cybersecurity strategy that includes the following elements:

  • Ensure laptops/devices have hardware encryption
  • Where possible, ask that screen filters are used to make shoulder-surfing harder
  • Make 2 factor authentication (2FA) mandatory for all remote workers
  • Including email and when accessing any critical systems or applications
  • Encourage staff to use password managers
  • Remind staff NOT to open links or documents with Coronavirus information. Ask them to report these
  • Remind staff about the need to protect confidentiality
  • Ask staff NOT to defer critical updates to software
  • Remind staff that surfing porn, amongst other things, is illegal
  • Staff must not visit sites like illegal movie websites as they pose a risk of ransomware and malware infection
  • Remind staff NOT to lend their machines to their children or other members of the family
  • Stress the IMPORTANCE of NOT sharing passwords (remote working can lead to more password sharing)

2. Privileged Users

Privileged users, such as administrators and executives, may be at a higher risk of cyberattacks when working from home, as they often have access to sensitive data and systems. To ensure the security of privileged users when working remotely, companies can implement the following measures:

  • Ensure you inform all IT and business privileged users and:
  • Remind them of their responsibilities
  • Insist that they DO NOT login for DAILY tasks with high privileges
  • Demand that they REPORT all errors/confess to mistakes immediately

3. Phishing Emails

  • Remind staff that it’s ok to make a mistake and that they should own up if they have:
  • Accidentally clicked on a suspicious file and or link
  • Opened a suspicious PDF or Word, excel file with a macro
  • Staff MUST report malware/ransomware infections immediately

4. Online Meetings & Calls

  • Remind staff to MUTE the microphone when they are not speaking in a conference call
  • Educate all staff to ensure webcams are blocked by default
  • Remind staff NOT to leave their machines UNLOCKED, especially during a call or when visiting the loo
  • Ask staff NOT to work from coffee shops or public places (if possible) – especially if they are on confidential calls or working on confidential documents

5. Privacy

  • Remind all staff of their responsibility to respect the privacy of your clients and your staff
  • Remind IT and cybersecurity folks to be extra vigilant for possible malicious activity on user accounts
  • Staff must be reminded NOT to email personal information via email OR store personal information in non-approved locations
  • Staff members may be exchanging personal phone numbers and or emails. If possible avoid this OR ask staff to prepend “delete-later” to the name of staff if they save these details

6. Exceptions (Get ready to grant exceptions left, right and centre)

  • If you don’t have one yet, create an exceptions register
  • Create a review by date and put multiple calendar reminders for you/your team to review them
  • Where possible, have a “No way this is an exception” list

7. Cyber-attack & Incident Response

  • To find out more about our UK-Government NCSC certified on incident planning and response, email us on or call us on +44 (0) 203 189 1422
  • Constantly remind staff to be alert for phishing emails and other attempts to compromise/steal account details
  • Staff must report these emails and malicious activity
  • Encourage them to call certain stakeholders if they want to
  • Security staff must be extra vigilant and actively seek out suspicious activity (given the remote working habits of users this may be operationally expensive)
  • Ask IT and security staff (including outsourcers) to pick up the phone and call if it’s important rather than solely rely on email. (use a separate out of-band app or something as simple (not very secure) as WhatsApp groups for urgent communications
  • Keep a printed copy of your procedures and checklists at home AND make sure they ARE not easily accessible
  • Remind all staff that it’s ok to make mistakes (like sending emails to wrong recipients, clicking on a malicious link, causing an outage etc) and that they MUST own up immediately. Stress that in most cases there will be NO repercussions

8. Backup Backup Backup

  • Provide staff software to ensure their critical documents are backed up
  • Ask staff to back up their data on an approved external hard disk that is NOT permanently connected to the device
  • Ask staff NOT to use approved external cloud storage services
  • Ask staff to reach out to discuss any cloud storage or cloud service solution that they want to use


Implementing these security measures outlined in the work-from-home security checklist can significantly enhance the security posture of your remote work environment. By prioritizing network security, device protection, data encryption, and employee training, you can mitigate the risks associated with remote work and ensure a secure and productive remote work experience.

Remember, maintaining a secure work-from-home setup is an ongoing process that requires vigilance and proactive measures to adapt to evolving cyber threats. Stay informed, stay vigilant, and prioritize security in your remote work environment.

Stay safe and secure while working from home!

You may also like:

Related Posts

Leave a Reply