Virtualization Technology News and Information
Security Best Practices While Working From Home

By Ryan Weeks, Chief Information Security Officer at Datto

While COVID-19 continues to aggressively spread across the globe, many employees worldwide are facing the realities of working remotely for the first time. Simultaneously, there is increasing evidence to show that malicious actors are using concerns of the virus to prey on those same individuals. Given this, it is more important than ever before that employees understand their role in protecting their personal data and their company's data. From home networks, to the actions of family members, to how employees conduct their work, every aspect of an employee's remote work life plays a critical role in ensuring the future of business continuity.

In an effort to help employees and businesses around the world, here are some guidelines and best practices for how to work from home safely and securely.

General Guidance for Secure Remote Workers:

  • Report any suspicious activity to your security team.
  • Remain vigilant while reading emails, messages, web browsing, and be aware of common phishing techniques. Numerous attacks have surfaced that are using COVID-19 based content as delivery mechanisms for malware.
  • Avoid non-reputable websites or links that may be potentially malicious.
  • Avoid public network access points (i.e. coffee shop WiFi) and stay on your home network if possible.
  • Make sure your home WiFi is secured, ideally with WPA2 or WPA3. Ensure insecure features like UPnP are disabled and default logins to IoT are changed.
  • Work within cloud applications where possible to make sure data is being backed up.
  • Protect you and your family's personal accounts with 2FA, staying vigilant with interactions on online platforms.
  • Use strong passwords and ideally a Password Manager. 
  • Try to limit your family's bandwidth usage, the more devices in use (phones, game consoles, etc.), the slower your connection which can hinder your ability to work remotely.

Guidance for Employees using Personal Laptops and Desktops

  • Ensure you have a reputable Antivirus and Firewall installed and turned on, your internet service provider (ISP) may provide free security suites.
  • Ensure the latest operating system and web browser updates are installed.
  • Lock your personal computer when walking away from it (Win+L on Windows or Command+Control+Q on Mac).
  • Avoid the use of file sharing (P2P), and other high risk applications.


  • Use unsupported methods of communication to conduct business (We recommend using Zoom & Slack) 
  • Use unsupported 3rd party VPN software/services
  • Reuse passwords across personal and company accounts
  • Store company proprietary information/work on personal devices
  • Leave your business accounts logged in on shared system(s)
  • Use your personal email(s)/accounts to conduct company business
  • Connect unknown devices (USB sticks, peripherals, etc.) to company system(s)
  • Install software that may put your system(s) at risk (Unsupported remote desktop, etc.)
  • Wait to report any adverse information or suspicious activity identified with company assets

Fortunately, most businesses are equipped to operate while employees are remote. To learn more about how to best secure your systems and be productive while working remotely, visit our blog.


About the Author

Ryan Weeks 

As Chief Information Security Officer (CISO), Ryan is responsible for directing and managing Datto's Information Security program. Ryan spent 11 years securing enterprise applications, systems and sensitive customer financial data at FactSet Research Systems, where he orchestrated all facets of the global information security program. Ryan holds a B.S. in Computer Information Systems from Ithaca College, a M.S. in Information Assurance from Northeastern University and has industry security certifications including the Certified Information Systems Security Professional (CISSP) and the Certified Information Security Manager (CISM).

Published Monday, March 30, 2020 7:34 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<March 2020>