Working from home securely: 12 tips to help you stay cyber-safe

Estimated reading time
 5 min

Key points

• Working from home has become the new normal for a lot of Australians, and while it has many benefits, it also comes with cybersecurity risks that you need to be aware of.
  
  
• Getting hacked while working from home can have significant repercussions for your workplace, such as financial or data loss.
  
  
• Staying safe when working from home online comes down to mastering the cybersecurity basics to help keep you and your work safe.

Working from home has become a standard part of life for many Australians. While remote work can be convenient, this convenience also brings heightened cyber security risks.

“There are so many ways a hacker can get into an organisation or business simply by targeting individuals who work from home,” explains David Mulligan, ANZ Offensive Security Lead. “And it can be really easy to get into a work device or account if it’s not well-protected.”

Understanding how to work securely from home is essential. By taking proactive steps, you can help protect your devices, safeguard your accounts, and make it harder for cybercriminals to strike - we’ll show you how.

Why is being cyber-smart important for remote working?

Remote work gives us the flexibility to work from anywhere, but it also means we need to be more vigilant about cybersecurity. One of the biggest risks in a remote setup isn’t just the technology - it’s human error.

A simple mistake (such as, clicking on a dodgy link or opening a malicious attachment) can lead to serious threats like malware, ransomware, or even remote access to your device.

Once that happens, the consequences can be severe - data loss, locked files, exposure of sensitive information and more. This can disrupt your work, impact your team, damage customer trust and can be costly.

Being cyber-smart helps you avoid common traps, protect your work, and keep your digital environment secure. It’s not about being perfect - it’s about staying alert, pausing before acting and making safer choices online.

12 basic cyber safety tips for working from home 

“Home network security really does come down to the basics,” explains David. “The simple things like setting up multi-factor authentication (MFA), using strong passwords and passphrases all play a role in keeping your devices and networks safer when you work from home.”

Here are twelve tips to help you work from home safely:

1. Make a strong, unique password or choose a passphrase. “One of the biggest security threats are weak passwords,” David says. “People and businesses are still choosing weak passwords for their accounts and devices, which makes hacking them a breeze for scammers. You can use a phrase from your favourite book, poem or film – the longer and more unique it is, the harder the hacker has to work to break into your account. And don’t use the same password for everything. If you struggle to remember your passwords, then use a password manager to keep track of them all.”
   
   
2. Secure your home network – both your hardline and your Wi-Fi. “A lot of people who work from home don’t secure their home Wi-Fi and use the default password that’s provided to them – this is an easy password for a lot of hackers to crack. It’s important that you change your Wi-Fi password to a strong, unique password or passphrase, and ensure you’ve got auto-updates activated on your modem.”
   
   
3. “Update all your systems and devices – even the ones you don’t use for work,” David says. “If everything is up to date, the hacker will have fewer opportunities to try and break into the devices on your home network.”
   
   
4. Turn on multi-factor authentication (MFA) for all your devices and accounts. “Not having MFA can become a huge weakness,” David shares. “If a cybercriminal can get through a weak password, and you don’t have MFA turned on, it’s basically game over for your data or money.”
   
   
5. Be aware of the different types of scams that can impact your devices and accounts.
   
   
6. Don’t use public Wi-Fi if you’re working off a company device in public places like a café or airport. If you really need to use Wi-Fi on a work device when you’re out and about, consider hot spotting off your phone.
   
   
7. Pause before you click on links or download attachments that come unexpectedly. Take the time to verify that it’s from a legitimate email or phone number that you and your workplace regularly engage with.
   
   
8. Set up a virtual private network (VPN) for your home. A VPN is a secure and encrypted network over the internet that you can use to work from home online safely. This private network hides and scrambles your internet activity and can make it difficult for cybercriminals to access the data on your work devices.
   
   
9. Secure your devices when not in use. Don’t leave your device unattended and lock your computer when it’s not in use, even if it's only for a short period of time, such as going for a lunchtime walk.
   
   
10. Don’t click on links or download attachments from unknown email senders.
    
    
11. Dispose of any physical documents with sensitive information securely. Don’t just throw it in the trash or recycling bin. Shred any physical documents that you don’t need, especially if they contain confidential and sensitive information about customers, employees or the organisation, such as their name and address.
    
    
12. Stay up to date on the latest scam alerts so that you can be prepared just in case a scammer contacts you for a request.

What can you do if your work devices are compromised?

• Disconnect the device from your network and turn it off at the power.
  
  
• Log out of all your workplace accounts – and log out of your personal accounts too if you think they’re compromised. Reset or change the passwords on these accounts, and active MFA if you haven’t already.
  
  
• Report the situation to your IT department or the appropriate team member straight away.
  
  
• If you’ve shared your personal or workplace’s financial information or transferred money, contact your bank or finance department immediately. If you’re an ANZ customer, contact us immediately to report the fraud.
  
  
• If you shared your personal or business’ credit card details, ‘block’ or cancel those cards immediately. If your cards are with ANZ, you can report the stolen card through the ANZ app or by calling us.
  
  
• Change all your personal and professional passwords immediately.
  
  
• Install the latest updates for your devices and modem to strengthen any weaknesses in your work from home set up.
  
  
• If you have access to your workplace’s bank account, closely monitor credit and financial accounts for any fraudulent transactions.

Who can you contact if you’ve been scammed?

• Report the scam to the Australian Signals Directorate’s ReportCyber portal. This resource is there for reports of scams where money or personal information has been lost.
  
  
• Help others by reporting to Scamwatch to help them prevent future losses, monitor trends and educate the population about emerging threats.
  
  
• Contact your bank immediately if you shared personal or financial information.
  
  
• If you’re an ANZ customer, you can report fraud or suspicious activity in multiple ways, such as through the ANZ app or by calling us