COVID-19 Quick Remote Work Cyber Security Checklist
Direct answer: Organizations can reduce remote-work cyber risk quickly by running a role-based checklist for leadership, employees, and directors that covers communication, endpoint controls, incident handling, and phishing preparedness.
The earlier article "Coronavirus (COVID-19) Guidance for Small and Large Businesses" described business-response steps. As remote work expanded globally, cybercriminals increased malicious email and VPN-targeting activity.
The e-InnoSec team published this quick checklist to help organizations evaluate remote-work readiness and identify areas that need immediate security attention.
The checklist is split into three parts based on roles and responsibilities in the organization.
What should senior management check for remote work security?
| # | Questions | Yes | No |
| 1 | Is the CEO present in online tools, channels, communicating proactively and engaging in timely conversations? | ||
| 2 | Has the management explained in writing what the company is trying to accomplish and has a vision that can help employees rally behind? | ||
| 3 | Has management addressed the issues raised by employees? | ||
| 4 | Is management courteous, compassionate, and authentic across channels? | ||
| 5 | Does the company have online expressions for your culture? The virtual water cooler where high fives, celebrations, gossip, community, family, personal interest, happy emojis, etc. can be shared. | ||
| 6 | Does the company have the right digital tools to facilitate communication? (E.g., Text messaging, Slack, email, wikis, hangout, video conferences, etc.) | ||
| 7 | Do the company have established security policies and guidelines for remote work? |
What should employees check for remote work cybersecurity?
| # | Questions | Yes | No |
| 1 | Is your Wi-Fi connection secure? Can you reach out to the support team to verify and test? | ||
| 2 | Is anti-virus or any updates/patches applied timely to the computer without delay? | ||
| 3 | Do you back-up periodically in addition to auto backup runs? | ||
| 4 | Do you lock your screen while away and protect them from kids? | ||
| 5 | Did you check with your support team that encryption is in place and working? | ||
| 6 | Are you familiar with applicable security guidelines, plans, and policies? | ||
| 7 | Are you aware that the work computer and other devices must not be shared? |
What should directors check for remote work cybersecurity?
| # | Questions | Yes | No |
| 1 | Do you have adequate support staff to address the questions from remote workers and resolve the issues in time? | ||
| 2 | Do you have the ability to push updates, patches, etc. and enforce timely implementation? | ||
| 3 | Can you provide virtual solutions, digital signature, and approval workflows? | ||
| 4 | Do you have clear procedures for employees to follow in case of a security incident? | ||
| 5 | Can you limit access to sensitive data where it makes sense? | ||
| 6 | Do you have a data breach and incident response plan to manage incidents? | ||
| 7 | Did you send a reminder to employees as to what information needs to be protected? (E.g., confidential, sensitive business information, trade secrets, intellectual property, private employee information, work product, customer information, and other personal information that identifies a person.) | ||
| 8 | Have you trained employees on how to detect and/or handle phishing attacks and other forms of social engineering attacks? | ||
| 9 | Do you have a policy in place to prohibit access to company information systems while on public wi-fi? | ||
| 10 | Do you have solutions in place to manage and secure mobile devices and applications? | ||
| 11 | Are you communicating with employees about coronavirus-themed phishing emails? |
What supporting notes and example phishing email are included?
The checklist references guidance and articles from Fast Company, ENISA, JDSPURA, BBC, CNBC, and other sources.
The source post also includes a phishing email example to reinforce awareness.
Key Takeaways
- Use role-based accountability for leaders, employees, and directors during remote-work operations.
- Prioritize secure connectivity, patching, endpoint hygiene, backup discipline, and device-handling controls.
- Define clear security incident procedures and escalation responsibilities.
- Continuously communicate phishing trends and train teams with real examples.
Related Resources
Related Posts
COVID 19, Remote Work, and Cyber Security
A role-based remote work cybersecurity checklist for senior management, employees, and directors, including phishing awareness and incident response readiness.
Read More
Senior Mgt & Employee Responsibilities - COVID 19
A practical remote-work cybersecurity checklist defining senior management, employee, and director responsibilities during COVID-19 operations.
Read More
COVID -19 Quick Check For Fraud
COVID-19 quick fraud check using source data on internal and external fraud schemes, corruption risks, and practical review steps.
Read More
GRC Insights That Matter
Exclusive updates on governance, risk, compliance, privacy, and audits — straight from industry experts.