Cyber Security at home



As we adapt to modified ways of working we need to ensure we continue to take the security of our data and systems seriously.  We know cyber criminals are preying on fears of the Coronavirus (COVID- 19) and sending 'phishing' emails that try and trick users into clicking on a link to a bad website (which could download malware onto your computer or steal passwords).

The level of security we rely on at work are naturally reduced when working remotely; and there are some simple security tips both online and offline put together by NHS Digital that will help ensure your work and data remains effective and secure.


Be alert to COVID-19 phishing and vishing (telephone equivalent of phishing) scams.  Threat actors are well aware that people are being asked to work remotely and it presents an opportunity for them to exploit.  If something does not feel right, be it an email or a phone call, please contact your IT Helpdesk.

Don't use public WiFi, either work offline and connect later once at home on a more secure network or connect by tethering to your mobile device. You can also connect via VPN if you have it available in your organisation.

Be suspicious of any emails asking you to check or renew your passwords and login credentials. Try to verify the authenticity of the request through other means e.g. call your IT helpdesk

Don't click on suspicious links or open any suspicious attachments

Change the admin/default password on your home broadband router

Ensure the firmware on your home broadband router is up to date

Make sure you are running all the latest versions of software on all your devices. It's very important to keep your devices up to date

Consider password protecting documents that you send across the internet to other colleagues, especially if they contain patient data

Don't use your work email address to register on non-work-related websites

Have a data back-up strategy, and remember to do it: All important files should be backed up regularly.


Always keep all your work devices with you when travelling (never leave work laptops or devices in cars)

Never allow anyone else such as family members to access your devices for personal use such as internet browsing

Reduce paper-handling to zero.  Try not to print documents and work on them in public spaces.  They will be vulnerable to theft or misplacement 

Use a screen protector to prevent shoulder surfing if you are in public spaces or shared accommodation

Don't write passwords down

Keep your work telephone conversations discreet.  Hold them in a private place if possible

Never leave equipment unattended, anywhere.  Lock your workstation when away from it at home.  It's good behavioural practice and, if you live in shared accommodation, obligatory. 

Familiarise yourself with your organisation’s incident reporting processes and report any incidents as soon as you become aware of them.


Remember, if something doesn't feel right or if you need security advice, please contact your own security team or email the NHS Digital Data Security Centre at for further support.