According to research from security software provider Malwarebytes, roughly 20% of organizations may have suffered a security breach caused by remote workers since the beginning of the COVID pandemic. This is a worrying but predictable statistic and one that could have been easily mitigated by improved security in these companies. Here are six key work from home security best practices to ensure your business is protected.

In Your Home Office

Strong work-from-home security begins with your own home office environment and its setup. This is obvious, but some parts of it are so basic that they’re easy to slip up on or forget. As a starting step, keep your office itself secure from intrusions and entry by family members or visitors, or at the very least, lock down your devices with strong passwords.

Family or friends, and especially unknown visitors of any kind, should absolutely not use your work device for their own activities. You may trust them but there’s a constant risk that their private browsing on your device could easily invite malware or spyware into the machine you use itself, thus breaching your own work data. You should also not email documents to your printer–directly connect it if you can to avoid data being available (and forgotten) there.


Awareness basically means being aware of what you’re doing with your devices and how it can possibly weaken your remote work security. One example is mixing up business and personal email for sensitive documents. If your work email account channels through specialized security software solutions from managed IT services, it should be the only means by which you send and receive important information.

It’s also important to make sure that the general websites you visit are carefully vetted for possible security threats–it would be a bad idea to visit notoriously malware-friendly pirate sites on your work laptop. Social media platforms and game sites can also be risky in different ways from a work device.

More unusual but important as well: IoT devices such as Amazon Alexa and Google Echo are also always listening, and logging everything you say in servers that could possibly be breached one day. Avoid keeping them within audio range of sensitive conversations.


Password security is vital, personally and professionally. Keep your passwords complicated and long, either as memorable mnemonics or as strings of capital and lower case letters, and numbers derived from memorable but long mnemonics.

To further secure passwords, don’t let your browser memorize them. This is especially dangerous for business accounts, banking logins and particularly those in which your browser remembers not only the password but any payment information as well. Convenience isn’t so convenient when it leads to drained bank accounts.

Another tip is to not share your passwords with anyone who doesn’t explicitly need to know them. Even if they’re trustworthy, you can’t be sure that they’ll follow good password security themselves.


Wired networks are inherently more secure and robust than WiFi networks. Use them as much as possible for your home office and use them to connect all devices together with your modem, instead of WiFi if at all possible. Avoid using your mobile device for sensitive communications that relate to the work being done on your home network and as a further layer of security, secure your WiFi network itself for whenever you unavoidably do need to use it. Additionally, the most basic step to WiFi security is using your own custom access password that follows the network security advice mentioned above.

Human Threats

It’s crucial to avoid human threats by being diligent about verifying all details and credentials from anyone claiming to be someone trustworthy. In email communications, this means carefully verifying all business emails that request data or offer document downloads, and in terms of phone security, this means asking to call back the official numbers of any supposed corporate or banking representatives that call you first. Social media friend requests should be vetted for familiarity too, and especially within a work context.

More basically and physically, thoroughly destroy all your business documents and storage media if you’ve decided to discard them. This means physically destroying old hard drives and completely shredding documents.


Practice good data security by channeling all work-related tasks through work-secured channels and tech. This means NOT using personal devices for business data handling. Also, consider using your company’s internal VPN for all communications. Do not try to fix technical issues with any of these machines yourself either. If your organization has hired data security experts to set up its infrastructure, they should also repair anything that goes wrong with it.

Install Work From Home Security

Great Lakes Computer Corporation offers secured, professionally rigorous solutions for all of the above aspects of work-from-home security. Services from Great Lakes include its Security Operations Center as a Service (SOCaaS) platform for powerful network security for both in-office and remote employees, and strong email security solutions that remote workers can use to fully secure their messages from a home office.