top of page

WFH? How to ensure your employees are working safely online

Working from Home (WFH) has been great in helping businesses through Covid. It has helped with offering flexibility for employees. However, WFH can present new challenges for both employees and employers, especially when it comes to ensuring that work is being completed safely. Here are some tips for ensuring that your employees are working safely online even when out of the office:

Establish clear guidelines and expectations for working remotely

Make sure your employees understand your policies on working from home, including guidelines for internet usage, device security, and data protection. The West Midlands Cyber Resilience Centre can help you with policies through the Cyber PATH services. Advise your employees to use secure, password-protected networks and devices when working remotely. This can help protect against cyber threats such as hacking and malware.

Use security software

Encourage your employees to use antivirus and firewall software to protect their devices against online threats. It’s important that if their device encourages them to download an upgrade, they do it immediately; these updates are designed to safeguard data. Just make sure they understand the source of the update and that it’s compatible with the existing security software before installing it.

Train employees on cybersecurity

Provide training and resources to help your employees understand how to stay safer online. This could include information on how to spot and avoid phishing attacks, how to create strong passwords, and how to protect sensitive data. If your employees are working somewhere public, such as at a coffee shop, make sure they know not to just buy a coffee, open their laptop and connect to the first network they see. Better yet, ask them to only connect to a secure 3G or 4G hotspot with a private, regularly changed password if they’re out and about.

Implement two-factor authentication

Two-factor authentication adds an extra layer of security by requiring a second form of authentication (such as a code sent to a phone) in addition to a password. It can feel like a nuisance, but it really does help keep your information, data and systems safer. Consider making it mandatory for your employees to implement this for access to sensitive systems and data.

Awareness of surroundings

If in a public area, ensure that confidential information, such as credit card numbers, passcodes etc, are not spoken aloud. The time to pay for something over the phone is not while on a train filled with strangers. Also, be careful with written codes and passwords. Security includes being careful with paperwork and documents because these could give valuable information to wannabe hackers. Instead, make sure your employees are aware of the risks. The person who said that ‘loose lips sink ships’ had a point!

Regularly check in with your employees to ensure that they are following security guidelines and to address any concerns they may have. By following these tips, you can help protect your employees and your business from online threats while working remotely.

Make yourself a hard target and get trained in security awareness today. Contact us to learn more.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.


The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page