Skip to main content

Guidance on keeping safe and secure whilst working from home

As we adapt to modified ways of working we need to ensure we continue to take the security of our data and systems seriously.  You may have seen from recent media reports that cyber criminals are preying on fears of the Coronavirus (COVID- 19) and sending 'phishing' emails that try and trick users into clicking on a link to a bad website (which could download malware onto their computer or steal passwords).

The layers of security we rely on in the workplace are naturally reduced when working remotely; and there are some simple security tips both online and offline that will help ensure our work and data remains effective and secure.

Online tips

  • Tick Image

    be alert to COVID-19 phishing and vishing (telephone equivalent of phishing) scams.  Threat actors are well aware that people are being asked to work remotely and it presents an opportunity for them to exploit.  If in doubt, seek advice from colleagues or the corporate security team if something does not feel right, be it an email, a phone call or a physical approach

  • Tick Image

    don't use public WiFi, either work offline and connect later once at home on a more secure network or connect by tethering to your mobile device

  • Tick Image

    be suspicious of any emails asking you to check or renew your passwords and login credentials. Try to verify the authenticity of the request through other means e.g. call the ICT helpdesk

  • Tick Image

    don't click on suspicious links or open any suspicious attachments

  • Tick Image

    change the admin/default password on your home broadband router,

  • Tick Image

    ensure the firmware on your home broadband router is up to date

  • Tick Image

    make sure you are running all the latest versions of software on all your devices

  • Tick Image

    consider password protecting documents that you send across the internet to other colleagues

  • Tick Image

    don't use your work email address to register on non-work-related websites

  • Tick Image

    have a data back-up strategy, and remember to do it: All important files should be backed up regularly. 

Offline tips

  • Tick Image

    always keep all your work devices with you when travelling (never leave work laptops or devices in cars)

  • Tick Image

    never allow anyone else such as family members to access your devices for personal use such as internet browsing
     

  • Tick Image

    reduce paper-handling to zero.  Try not to print documents and work on them in public spaces.  They will be vulnerable to theft or misplacement 

  • Tick Image

    use a screen protector to prevent shoulder surfing if you are in public spaces or shared accommodation

  • Tick Image

    don't write passwords down

  • Tick Image

    keep your work telephone conversations discreet.  Hold them in a private place if possible

  • Tick Image

    never leave equipment unattended, anywhere.  Lock your workstation when away from it at home.  It's good behavioural practice and, if you live in shared accommodation, obligatory. 

  • Tick Image

    Familiarise yourself with your organisation’s incident reporting processes and report any incidents as soon as you become aware of them.

If something does not feel right or you need any security advice please contact your own security team or email the NHS Digital Data Security Centre at cybersecurity@nhs.net for further support.

Further information

  1. internal

    Staying cyber fit

    With millions of us working from home due to the COVID-19, the cyber security risks are high. We've created a guide to help you to stay cyber fit when working at home.

Last edited: 7 May 2020 2:21 pm