Remote work was rare just a few years ago, but it’s quickly become the norm. More people than ever have the chance to work from home, and that’s great for productivity and flexibility, but it comes with some risks. If you work remotely, you may unintentionally threaten your company’s security.

How Does Working Remotely Threaten Security?

A 2020 survey found that 20% of U.S. companies had experienced a data breach because of a remote worker. A separate report found that these breaches cost $1.07 million more on average over those where remote work isn’t a factor. Companies with at least 50% of their employees working from home also took 58 days longer to find and fix these issues.

So why is remote work such a problem for cybersecurity? A lot of it stems from the company and its IT team having less knowledge and control over your devices and how you use them.

In a normal office environment, your company can control what devices you use to access sensitive files and can monitor the network for suspicious activity. When you work from home, you’re on your own network with your own devices, so IT teams can’t use the same security software or enforce policies effectively.

Phishing is another big piece of the puzzle. Working from home means using email and similar tools to communicate with coworkers and supervisors. With so many emails going back and forth, it can be harder to spot a phishing attempt, where cybercriminals pose as someone you trust to gain information.

How to Improve Remote Work Security

It may be challenging to secure remote workers, but it’s not impossible. If you work remotely, you can take several steps to reduce your risk and protect your data and your company’s systems. Here are the most important strategies.

Watch Out for Phishing Scams

Phishing is one of the biggest remote work threats, with some campaigns targeting more than 10,000 companies to steal their login information. Thankfully, phishing is also fairly easy to protect against. You just have to know the signs of a potential scam and check everything before trusting it.

One common sign to watch out for is unusual urgency. Anything asking you to click or give away information now should raise some red flags. Spelling errors, email domains that look off and generic greetings are other telltale signs. As a rule of thumb, never give away sensitive information over email, and don’t click on any unsolicited links.

Use Antivirus Software and a VPN

Another important step is to download some security software. In a traditional office, your company will often take care of this, but they can’t enforce it with remote workers. Consequently, you should take it into your own hands.

First, install anti-malware software, which you can find for free from many trusted names like Avast, Bitdefender and AVG. It’s also a good idea to use a virtual private network (VPN), which hides your IP address and encrypts your device’s communications. That’s especially important if you use public Wi-Fi often, like working from a coffee shop. Remember to keep all this software up-to-date, too.

Secure Your Wi-Fi and Smart Devices

A VPN isn’t the only way to encrypt your internet traffic, either. Make sure your Wi-Fi router has encryption enabled, which you often control with a switch on the back. Set it to WPA2, the strongest encryption type on most routers, if available.

If you have a lot of smart devices in your home, consider running those on a separate network. You can usually set up a guest network on your router to do that. This separation will ensure these devices, which often have minimal built-in security, don’t become gateways to your more sensitive gadgets and data.

Practice Better Password Management

Finally, take the time to review all your passwords. Many times, a simple username and password are all you need to access company systems as a remote worker, so these should be hard to crack. Hackers today can crack an eight-character password in just a few minutes, but an 18-character code with a mix of cases, numbers and symbols can take years.

Use long, complex passwords for every account and device you have, even your non-work ones. Avoid reusing the same password, too, because if you do that, a breach in one account could give a hacker access to another. If multi-factor authentication (MFA) is an option, turn it on because that means you need more than a stolen password to get in.

Protect Yourself and Your Company

Following these steps will help boost the security of both your company and your personal data. There’s no such thing as a security measure that’s 100% effective, but implementing all these little changes will make you a lot safer.

Remote work is often a security threat, but it doesn’t have to be. If you and your fellow remote workers follow these steps, you can work relatively safely from anywhere.