Working from home means your kitchen table or spare bedroom has become your office. Your laptop holds client data. Your home WiFi connects you to business systems. Your phone receives work emails. The security that used to be handled by an office network and an IT person down the hall is now your responsibility.
This is not about turning your home into a corporate fortress. It is about practical steps that protect your work without making your home unliveable. Most of these take less than an hour to set up and cost nothing.
Secure your home WiFi first
Your home WiFi is the gateway to everything you do online. If it is not secure, nothing else matters. Every device on your network, every login, every file you access goes through that router.
Change the default admin password
Your router came with a default admin username and password. It is usually something like “admin” and “password” or printed on a sticker on the device. Anyone within WiFi range can try those defaults. If they get in, they control your router and can see everything on your network. Log in to your router (usually at 192.168.1.1 or 192.168.0.1) and change the admin password to something unique.
Use WPA3 or WPA2 encryption
Your WiFi network should be encrypted. Check your router settings and make sure WPA2 or WPA3 is enabled. Anything older than WPA2 (like WEP or WPA) is not secure. If your router does not support at least WPA2, consider replacing it. Most modern routers sold in South Africa in the last five years support WPA2 as a minimum.
Change the WiFi password from the ISP default
The password your ISP set for your WiFi network is often generic or predictable. Change it to something strong and unique. A good WiFi password is at least 12 characters, mixes letters and numbers, and does not include obvious words like your street name or surname.
Hide your network name if you work with sensitive data
You can set your WiFi network not to broadcast its name (SSID). This does not make it invisible to someone determined to find it, but it reduces the chance of casual attempts. For most home workers, this is optional. For anyone handling client financial data or personal information, it adds a layer.
Use a VPN when you work outside your home
A VPN (virtual private network) creates an encrypted connection between your device and your business network or the internet. It hides your activity from anyone else on the same network. This matters when you are working from a cafe, a co-working space, or anywhere with public WiFi.
When to use a VPN
- Any time you connect to public WiFi (coffee shops, libraries, airports, hotels)
- When working over LTE or mobile data if you are accessing sensitive business systems
- If your business provides a VPN for remote access to office servers or shared files
When load shedding forces you to work from public spaces
In South Africa, load shedding is a reality. When your home power is out and your laptop is running on battery, you might head to a cafe with power and WiFi. That public WiFi is not secure. Anyone on the same network can potentially intercept what you are doing. A VPN encrypts your connection so your work stays private.
Business VPN vs personal VPN
If your company provides a VPN for remote access, use it. That VPN connects you securely to your office network so you can access files, servers, and systems as if you were physically in the office. If your business does not provide a VPN, consider a commercial VPN service for when you work on public WiFi. We set up and manage VPN access as part of remote work support.
Enable multi-factor authentication on all business accounts
Multi-factor authentication (MFA) is the single most effective thing you can do to protect your accounts. Even if someone gets your password, they cannot get in without the second factor (usually your phone).
According to Microsoft, enabling MFA blocks over 99% of account compromise attacks. This is not theory. It is based on data from billions of login attempts. A stolen password on its own is useless if MFA is turned on.
What to enable MFA on (priority order):
- Email – if someone gets into your work email, they can reset passwords for everything else
- Microsoft 365 or Google Workspace – your email, files, and calendar are all behind this account
- Banking and financial systems – anything involving money
- Client portals and business tools – CRM, accounting software, project management
We cover how to set up MFA in detail in our article on multi-factor authentication. If you are not sure whether MFA is enabled on your accounts, check now. It takes five minutes and it is the most impactful security step you can take.
Keep work and personal separate where possible
The line between work and personal blurs when you work from home. Your work laptop is on the same desk as your personal tablet. You check work email on your phone. You print a client document on the printer your kids use for school projects. The more mixed it gets, the harder it is to keep work data secure.
Separate devices if you can
If your business provides a work laptop, use it for work only. Do not use it for personal browsing, online shopping, or letting your kids watch videos. If you are self-employed and use one device for everything, create separate user accounts on your computer – one for work, one for personal. This keeps work files isolated.
Separate browsers or profiles
If you cannot separate devices, separate your browser. Use Chrome for work and Firefox for personal (or the other way around). Or use Chrome profiles – one profile signed in with your work Google account, another for personal. This keeps your work logins separate from your personal ones and reduces the risk of clicking a phishing link in a personal email that compromises your work account.
Physical security matters too
Your laptop, your phone, and any external drives with work data on them should be physically secure. When you leave your home office (even just to go to the shops), put your laptop away. If you work from a cafe, do not leave your laptop unattended while you go to the bathroom. Laptop theft is common in Cape Town. If your device is stolen and it is not password-protected or encrypted, whoever has it can access everything.
Protect your devices with encryption and updates
Security on a home device is not automatic. You need to actively manage it.
Turn on full disk encryption
Windows has BitLocker. Macs have FileVault. Both encrypt your entire hard drive so that if your laptop is stolen, the data cannot be read without your password. This is critical if you store client data, financial records, or personal information on your device. Under POPIA, businesses are responsible for protecting personal data on any device, in any location – including your home.
Keep your system updated
Windows updates, macOS updates, software updates – they exist for a reason. Most updates include security patches for vulnerabilities that have been discovered. If you ignore updates, your system is open to known exploits. Set your device to install updates automatically, or if you prefer to control when they happen, schedule them for a time that does not interrupt your work.
Antivirus and endpoint protection
Windows Defender (built into Windows) is a decent baseline for personal devices. For business devices, managed endpoint protection is stronger. It monitors for threats in real time, blocks malicious activity, and reports back to a central dashboard. This is included in our managed plans and is available as an add-on for the @home plan.
Backup your work
If your device fails, gets stolen, or is hit by ransomware, your work should not disappear with it. Cloud backup (OneDrive, Google Drive, or a managed backup solution) keeps a copy of your files offsite. Local backup to an external drive is good. Cloud backup is better. Both together is best.
South African context: fibre, LTE, and load shedding risks
Working from home in South Africa comes with specific challenges that affect security.
Fibre vs LTE security
Fibre is generally more secure than LTE. Your fibre connection is a physical line into your home. LTE is a wireless signal that can potentially be intercepted. For most home office work, fibre is fine as long as your home WiFi is secure. If you are forced to work over LTE (because your fibre is down or you are at a location without fibre), use a VPN to encrypt your connection.
Load shedding forces mobility
When load shedding hits during working hours, many people take their laptop to a cafe or co-working space with power. This exposes your device to public WiFi and physical theft risk. If you work this way regularly, you need a VPN, strong device passwords, full disk encryption, and you need to be aware of your physical surroundings.
UPS and inverter considerations
A UPS or inverter keeps your internet connection alive during load shedding. But if your home router and fibre ONT are not on backup power, your laptop will keep running but your internet will not. Security-wise, this is fine. It just means you are offline. When power returns, make sure your devices reconnect properly and check that any VPN connections re-establish securely.
Need help securing your home office?
If you are working from home and you are not sure your setup is properly protected, we can help. Security for remote workers is part of what we do. We can check your current setup, identify gaps, and put the right protections in place.
Talk to us about remote work security
Or get in touch directly:
Call: 087 820 5005
WhatsApp: 081 526 1626
Already working from home and want managed support? The @home Plan gives you device monitoring, patch management, and priority support for R360 per month. Or explore our full remote work solutions.
0 Comments