Practices for Working Securely from Home

Now more than ever, organizations must stay vigilant and ensure they have the most effective tools and controls in place as we continue to work-from-home.

The Canadian Centre for Cyber Security (CCSC) recommends implementing 13 Baseline Cyber Security Controls for Small and Medium Businesses. These Baseline Controls include security measures that will help to mitigate the cyberthreat risk for your remote work employees.


  1. Develop an incident response plan,
  2. Automatically patch operating systems and applications,
  3. Enable security software,
  4. Securely configure devices,
  5. Use strong user authentication/multi-factor authentication,
  6. Provide employee awareness training,
  7. Backup and encrypt data,
  8. Secure mobility,
  9. Establish basic perimeter defenses,
  10. Secure cloud and outsourced IT services,
  11. Secure websites,
  12. Implement access control and authorization,
  13. Secure portable media.

As many of us continue working from home, cyberthreat actors are hard at work looking for gaps and vulnerabilities in our security systems. There’s been a significant increase in phishing emails, hacking attacks, and other online security threats that take advantage of our often less secure, home office environments. These threats can put remote workers’ privacy at risk and could also result in breaching company security. Ensure your remote employees are using secure remote working practices.


  1. Always follow your organization’s security policies,
  2. Do not use public or unsecured wi-fi to connect to work,
  3. Keep personal activities separate from work activities on the same device,
  4. Ensure your OS and other software applications are up to date – apply updates, patches, and security fixes regularly,
  5. Lock your screen when you step away from your computer,
  6. Use multi-factor authentication for accounts,
  7. Secure your home router,
  8. If you receive unexpected emails or other messages, think before you click on attachments, or give out private information, and go to original and verified sources to check information.

You can download our ‘How to Recognize a Suspicious Email’ resource.  Please feel free to share it with your colleagues.

If you have any questions about implementing any of the above secure remote practices, please don’t hesitate to ask. We make I.T. easy. | Calgary: 403.266.3000 | Edmonton: 780.428.3000


Photo by Djurdjica Boskovic on Unsplash

Small Business