Work and transact online
Kia haumaru tō mahi mamao

Stay secure when working remotely

When you access sensitive information remotely – whether it's from home, from a cafe or from a shared workspace – you need to have strong security protections in place.

The risks

If you’re planning on working from home, talk to your IT team about your company’s policies and the options available to you. They may have some restrictions, or steps they’d like to take, before they give you access to the company network remotely.

This is because some of the security measures at your workplace may not be on your home network or a public network. These include things like web filtering, firewalls and data encryption. 
If you freelance or work for yourself, you'll need to set up extra protections yourself.

How to protect yourself

  • Only use WiFi you trust

    Use a trusted network, for example your home network or your mobile hotspot (with a strong password), rather than the public, shared WiFi at a library, airport or café.

    Attackers can intercept traffic in public WiFi using an attack called person-in-the-middle (or sometimes man-in-the-middle), where they read or change the data you’re sending across the WiFi.

    Where possible, try to only visit secured websites when you're out and about – they're encrypted unsecured websites. Many apps use HTTPS but some don't – because it's difficult to tell the difference, it's best not to use them on public WiFi.

  • Check your physical security

    If you have to work in a shared area, be aware of who’s around you and make sure no one's 'shoulder surfing' and watching you enter information. Consider getting a privacy screen to make this much harder.

    If you're on the phone, check who’s within hearing range and don't talk about confidential information. Keep your devices with you at all times. If you have to step away from your device, lock it and make sure it requires a strong password to unlock.

  • Virtual private networks (VPN)

    Use a when connecting to your work’s network. This creates an encrypted tunnel between your computer and your work’s network, protecting the files and data you’re accessing from your home network.

    Use a your organisation gives you rather than a personal one, if possible. If you’ve set up a guest network on your home , add your work’s device to the guest .

    Secure your home network

  • Enable two-factor authentication

    Two-factor authentication ( ) gives you an extra layer of protection so that attackers can’t get in if they’ve guessed your password or stolen your credentials.

    Use two-factor authentication to protect your accounts

  • Use encrypted tools for communication

    Check which options have before choosing a tool to use to keep in touch with workmates or clients. This applies for instant messaging and any video conferencing you need to use.

    If the system you use doesn’t offer this, for example text messages – consider changing or make sure everyone knows to avoid sharing or talking about sensitive information. This is any information you wouldn’t want made public.

  • Be vigilant about unexpected emails

    If you are working remotely from your phone, be extra cautious about suspicious emails. If you weren’t expecting a particular email, ignore it and look at it once you’re on a desktop computer. That way it’s easier to hover over the links, and check the 'sent' address.

  • Follow our top tips

    Our usual best practices also apply when working remotely:

    • Use a long password or , that you haven’t used elsewhere, to access any system.
    • Enable two-factor authentication on key accounts.
    • Update your operating system and check that the software or apps that you’re using are up-to-date as well.
    • Make sure you have installed and are running regular scans.

    Top 11 tips for online security

Get help

If you’ve experienced an online security issue, your first step is to contact the service provider.

You can also report an online issue or security incident to us at CERT NZ.

Get help now