With so many people working from home amid the pandemic, cyber threats have become a bigger risk for many small companies. It’s a lot harder to protect business data when everybody is working remotely—much less relying on modems and wireless routers used by multiple household members.


A June 2020 survey by IBM Security of more than 2,000 people newly working from home due to COVID-19 found that most of them were using personal laptops for work and hadn’t received new tools from their employers to secure the devices. Furthermore, nearly half of those workers had received no new security training, and more than one-third admitted to reusing passwords for business accounts.


“An organization’s cyber defense is only as good as its weakest leak, which tends to be its own employees,” says Paul Lipman, CEO of BullGuard, a provider of cybersecurity products including a virtual private network (VPN) tool.


Cyber criminals are also adapting—and getting sneakier—due to the work-from-home trend. Sending phishing emails with official-looking attachments, such as Excel spreadsheets, is just one growing threat. Business financial losses from phishing scams have been on the rise in recent years, according to Federal Bureau of Investigation data—and that was before the pandemic.


Cybersecurity tips for working from home


Businesses must consider how to keep their data secure when employees work from home—whether regularly or occasionally. Here are four tips:


1. Deploy antivirus software—and make sure it’s working.

Employees should be required to use only business-provided devices when working from home, and those devices should have a reliable firewall and antivirus software installed on them, says Anthony Mongeluzo, CEO of PCS, a Moorestown, New Jersey-based IT managed services and support firm. These protections will prevent malware or spyware that an employee accidentally downloads from infecting the device and potentially your network.


“Test them at least monthly,” Mongeluzo says. Business owners can test firewall security using free online tools such as Audit My PC.


2. Train employees to be more vigilant.

Your cybersecurity is only as strong as your employees’ ability to shield against threats like phishing scams and malicious links. Remind them to be leary of attachments and links in emails—even when they may appear to come from a trustworthy source, such as a business associate, Lipman says.


Criminals have only gotten savvier about sending out emails that appear legitimate and conning people into clicking on things they shouldn’t.


3. Strengthen your passwords policy.

If a cyber thief steals a password for, say, an employee’s online shopping account, they will likely try to use that same password to access other accounts—including work-related accounts. That’s why it’s critical that employees not reuse passwords. Create a password policy that requires them to have unique passwords for all accounts, and ideally change those passwords every few months.


Providing them with a password manager designed for business such as LastPass or Dashlane can make unique password creation, storage and recall much safer and easier.


Mongeluzo says multi-factor authentication should also be activated whenever possible, so employees must enter in more than just a password.


4. Use secure remote-access tools.

Using VPN or a remote desktop solution such as LogMeIn or TeamViewer allows employees to securely access their employer’s network from home. Both solutions reduce the odds that a cybercriminal can spy on your data, and using a remote desktop reduces the need to transfer data to home-based devices.


Beyond these security tips, Mongeluzo recommends businesses also consider getting an insurance policy that limits their financial losses in the event of a network breach that exposes sensitive information about customers, clients or others. Most standard business liability coverage today does not cover cybersecurity issues, even though it’s a growing risk.



Spectrum Business Internet provides every customer with a free security suite called F-Secure that can be installed on up to 25 devices.


Print this article