The remote worker security checklist.
Your employee's home network is now part of your company's security perimeter. Here's the ten-item checklist that actually protects it.
When one of your employees works from home, their home network is now part of your company's attack surface. The Wi-Fi router they've never updated, the kids' gaming PC on the same network, the smart thermostat — every one of those is a potential foothold. A practical checklist beats hoping for the best.
Why home networks are weaker than office networks
A typical office network has a business-grade firewall, segmented Wi-Fi, patched equipment, and an MSP watching logs. A typical home network has a router the ISP installed five years ago, a single flat network everything sits on, and no patching discipline. If you want remote work to be safe, you have to compensate for that gap.
What we actually find in home networks
“A remote bookkeeper's home router was running firmware from 2019 with a known vulnerability.”
Red flag: Attackers had quietly added a backdoor. They read network traffic for weeks before we found it during a routine review.
“A remote developer's teenage son had installed a game mod that contained a credential stealer.”
Red flag: The work laptop shared Wi-Fi with the gaming PC. The stealer harvested browser cookies and pivoted onto the work device.
The ten-item checklist
- Work laptop only for work. No personal browsing, no family use.
- Full-disk encryption on every work device — BitLocker or FileVault.
- EDR (Defender for Business, or similar) deployed and reporting centrally.
- Business VPN enabled for any access to company systems or sensitive SaaS.
- MFA on everything that can be protected by it.
- Separate SSID for work on the home Wi-Fi — not on the kids' network.
- Home router firmware up to date. Manufacturer replaced if it's unsupported.
- Screen auto-lock after 5 minutes of inactivity.
- Webcam cover in place when not in a meeting.
- A written remote-work policy the employee has read and signed.
We'll deploy this for you.
Setting up secure remote work across a team is exactly the kind of project we quote in a morning. Reply and we'll scope it.
- 1Issue company laptops instead of allowing personal devices for work.
- 2Deploy EDR, MFA, and a business VPN on every remote worker's laptop this month.
- 3Ask every remote worker to confirm their home router firmware is current.
- 4Create a separate work SSID for remote employees where possible.
- 5Put the ten-item checklist in your onboarding pack and review it annually.
Want help securing your business?
Schedule a quick security review with our team. 15 minutes, no sales pressure — walk away knowing exactly where your gaps are.
Schedule a quick security reviewKeep reading
Your public Wi-Fi is not safe.
Hotel, airport, and coffee-shop Wi-Fi are still hunting grounds. Your phone's hotspot or a business VPN is a two-minute fix that shuts them down.
ReadTip #23 · Remote & mobileYour laptop was just stolen — what now?
A stolen laptop is a breach waiting to happen. The four things you do in the next 30 minutes decide whether it's a property loss or a data incident.
Read