Separate Work Devices: If possible, and if your work involves highly sensitive data, consider using a separate network or VLAN for work devices.
Use Company-Approved Devices and Software:
Authorised Equipment: Whenever possible, use laptops, mobile phones, and software provided and approved by your employer, as these are typically configured with necessary security controls.
Avoid Personal Devices for Sensitive Work (If Policy Dictates): Be aware of your organisation's policy on using personal devices for work (BYOD - Bring Your Own Device) and adhere to it. If personal devices are used, ensure they meet company security standards.
Employ a Virtual Private Network (VPN):
Encrypted Connection: If your employer provides a VPN, use it to encrypt your internet traffic and create a secure connection back to the company network, especially when accessing sensitive company resources.
Maintain Physical Security of Work Devices:
Prevent Unauthorised Access: Keep work laptops and mobile devices secure from family members, visitors, or potential theft, just as you would in an office. Lock your screen when away from your device.
Secure Document Handling: Be mindful of printed documents containing sensitive work information. Store them securely and shred them when no longer needed.
Be Extra Vigilant Against Phishing and Social Engineering:
Remote workers can be targeted. Verify any unusual requests for information or access, especially those appearing to come from colleagues or IT support, through a separate, trusted communication channel.
Keep Software Updated:
Ensure the operating system and all applications on your work devices (and personal devices if used for work) are kept up to date with the latest security patches.
Report Incidents Promptly:
Report any suspected security incidents, lost or stolen devices, or suspicious activity to your organisation's IT or security team immediately.
