During this global pandemic, companies are rightly considering the health and safety of their employees first by sending them home to work. But these measures could amplify another threat businesses need to be wary of: Cybersecurity.\u00a0According to a recent HP survey, 74% of employees are currently working from home, many without a dedicated office space or the cybersecurity defenses that protect them while they\u2019re in the office. Since it\u2019s unclear how long mandatory work-from-home measures will be required, employers need to put best practices in place now to keep employees and their work safe.\u201cIt\u2019s easier to secure everyone when they\u2019re all sitting in the same office,\u201d says Michael Howard, HP\u2019s chief security consultant for print. \u201cBut when you start looking at everyone working from home \u2014 the complexity of keeping everybody secure becomes much more difficult.\u201dEven before the coronavirus,\u00a0more than a third of CIOs\u00a0said they felt the biggest security threat to their business was employees who don\u2019t take the proper security measures. And security is not just an issue for large enterprises \u2014 according to a\u00a02019 report from Verizon, 43% of data breaches target small- and medium-sized businesses. Working from home without an IT department, with the added stresses of trying to wrangle kids also off from school and stay healthy during a pandemic, is only making it harder to maintain the best digital security practices.\u201cWe know workers that work from home tend to be more lax about security,\u201d says Howard, who\u2019s heading up HP\u2019s companywide security outreach to support customers working from home. \u201cThat\u2019s an even bigger concern in this environment.\u201dHere are some of the best ways to mitigate the most significant threats that come with remote work.Reinforce digital and behavioral defensesWorking from home means using personal Wi-Fi, which is not as secure as being on the network in an office. Gagan Singh, VP of strategy and innovation for HP\u2019s commercial PCs, says that companies need to invest in virtual machines that can be segmented to ensure the whole network isn\u2019t infected if something does happen to one remote computer. Next-generation antivirus software also provides protection, especially since an administrator can manage it remotely and keep it up-to-date, since employees might be tempted to disable the software when it causes their workflow to slow down.There are also basic best practices that employees can follow to protect business data. This includes never saving and never downloading the organization\u2019s information to personal devices and being proactive about their passwords. A few suggestions:\u00a0 Not using work passwords for personal devices (and vice versa), changing passwords immediately if there is even a hint it was compromised, and adjusting settings so that the \u201cremember password\u201d functions are turned off when logging on from personal devices. While it would be ideal for technology to help automate some of this, many software makers are scrambling to update their systems for remote workers.Most enterprise businesses already have a cybersecurity governance code in place, which includes an information security policy and other policies that outline security guidelines for remote work and remote access to a company\u2019s information systems. This document needs to be checked to see if it\u2019s up to date and adequately detailed to guide employees to best practices.\u201cManagers should be very familiar with what the guidelines are, and be talking with their teams about it regularly,\u201d Howard says.\u00a0Be hypervigilant about external threatsAccording to\u00a0research from security software firm Trend Micro, 91% of cyberattacks begin with a phishing email, in which an intriguing subject line or familiar-seeming sender lures someone into providing sensitive data or downloading malware. Without the layers of protection put in by an IT department to catch many of these attempts, employees are more exposed to these threats than usual. Companies need to reinforce the need to be wary, including the ways scammers try to manipulate people, and keep remote workers up to date with the type of attacks to be on the lookout for.\u00a0\u201cEmployers should make their remote employees aware of a sophisticated, planned strategy of hacking known as social engineering,\u201d says Laura Spawn, the CEO of\u00a0Virtual Vocation, a company that connects people wanting to work from home to remote jobs. \u201cThese attackers may send phishing emails to employees to gather confidential information and often do extensive research about a company before attempting to penetrate their system.\u201d\u00a0To make matters worse, criminals are using our fear of coronavirus against us:\u00a0Cyberthreat researchers at Barracuda Networks\u00a0saw a 667% increase in malicious phishing emails that claimed to be about ways to protect yourself from coronavirus as a way to trick people into opening emails.\u201cIt\u2019s a good idea to ensure sensitive data is encrypted during transmission, processing, and while it\u2019s sitting on your home network,\u201d Howard says. \u201cAt the very least, you have to remind and train employees that scammers are perpetually on the prowl, and they\u2019re taking advantage of what\u2019s happening now.\u201dIt\u2019s not just phishing attempts in people\u2019s inboxes. According to Singh, there has been at least a doubling in ransomware attacks in the last few weeks. These attacks, in which criminals lock up important data and demand payment for its release, were\u00a0projected to cost $8 billion in 2019. Those emails and texts also prey on fear, offering attachments with titles like, \u201cHow to protect yourself from coronavirus.\u201d\u201cIt\u2019s very likely you will click on it,\u201d Singh says. \u201cWe are doing 100% of work and 100% of life simultaneously, and that just exposes us to a lot more threats.\u201dHarden up home hardwareIn the rush to social distance, many people went remote without work computers and had to rely on whatever setup they had at home. This creates potentially serious security risks, since consumer products aren\u2019t always up to the level of enterprise hardware used in the workplace.\u201cThe organization has no control over those computers,\u201d says Michael Hamilton, founder and CISO of digital security firm\u00a0CI Security. \u201cYou have to constantly message your employees that you are a target and have to be extra careful.\u201dIf possible, Hamilton says employees shouldn\u2019t use the same computer for remote work as any leisure or home computer time. For businesses that are able to \u2014 and those with employees working on highly sensitive information \u2014 Singh suggests companies consider buying a work-only computer for employees to break up these two different use cases as a way to minimize risks.\u201cI recommend that every business challenge their suppliers and vendors to ensure all their software and hardware can be implemented in a secure way,\u201d Howard says. \u201cIt\u2019s more critical than ever that every endpoint purchase decision should be a security decision.\u201dBesides computers, remote workers need to take a careful look at the rest of the home hardware they are using. For example, employees should lock down their routers with unique passwords since hackers attack routers constantly.\u00a0\u201cIt\u2019s very easy to get into your PC through your router,\u201d Singh says. \u201cWhen you get infected at work, the IT department takes your PC off the grid so you can\u2019t infect others, but when you get infected at home, the chance for you to be the host that takes the entire company down is very high.\u201d\u00a0Remote workers should also consider putting any connected devices like smart thermostats or voice assistants on a separate wireless network and\u00a0creating a dedicated one for their work computer\u00a0if their home router supports it. Printers, which are connected to the internet but often overlooked, should also go on the separate network since they are regularly targeted in hacks. If employees need to keep a printer online at home, they need to make sure the device has up-to-date firmware and any patches the manufacturer has released to keep it secure.Deflect attacks with software solutionsThe next best thing to a secure office is a\u00a0virtual private network,\u00a0or a VPN. Hamilton suggests companies provide VPN access so users can connect to work networks to send and receive files, data, and applications from anywhere, securely.\u00a0Another software service that many companies need to consider will be remote monitoring, in which a security team keeps track of threats and shuts them down. In a time when many companies are seeing a drop in business, it might seem like a steep expense, but not spending the money now could lead to an even costlier mistake.\u201cYou can do everything to protect yourself, but [attacks] are going to happen, and you have to be able to detect and respond,\u201d Hamilton says. \u201cIf you get a bad piece of malware right now, you\u2019re done.\u201dIT workers might need extra check-ins to confirm they aren\u2019t overwhelmed as they work to protect a suddenly dispersed workforce while potentially working from home themselves.\u00a0\u201cPushing everyone remote essentially overnight and then having to maintain security is a huge challenge, and companies need to continue to praise them and give them the tools that they need,\u201d Howard says. \u201cThey are all heroes.\u201dLearn more about working remotely\u00a0and\u00a0how HP is helping you adapt.