Making sure that you stay safe and secure when you use your computer at work is not just good for you, it’s good for business. Here’s how you can contribute to a safer and more secure workplace.

Tips to protect your business

  • Stay up to date: Make sure that you are receiving automatic updates from Windows Update, and that you install any updates that your company requires. Keeping Windows, Microsoft Office, web browsers, Adobe Acrobat Reader, and other software up to date will help protect your computer and your company.  For more information see: Windows Update frequently asked questions (FAQ)

  • Install with caution: Avoid installing any software from outside your workplace that is not approved or administered by your company. Unauthorized programs have the potential to create security vulnerabilities.

  • Use Windows Hello for authentication: You can sign into Windows more securely using Windows Hello facial recognition, fingerprint, or PIN. See Learn about Windows Hello and set it up.

  • Keep strong passwords: If you must use a password, use a strong one. A strong password is at least 13 characters or more, and contains a combination of uppercase letters, lowercase letters, numbers, and symbols. Don't share passwords with others, and do not reuse old passwords or passwords that you're currently using in other places. For more password tips, see Protect your passwords.

  • Click carefully: Be mindful of suspicious links. They can appear in email, tweets, posts, online ads, messages, or attachments, and sometimes disguise themselves as coming from known and trusted sources. See Protect yourself from phishing schemes and other forms of online fraud

  • Beware of public Wi-Fi: If you connect to an unsecured Wi-Fi network with a company device, you’re putting yourself and your company at risk. Find out if your company has a virtual private network (VPN) that you can access when you need to use Wi-Fi away from the office. Never "remember" Wi-Fi networks that you, or your company, does not control. That means setting your device to not connect automatically to public Wi-Fi networks like coffee shops, airports, or hotels.

  • Store your data safely: If your company provides a resource for storing your work such as OneDrive for Business, or SharePoint, you should use that whenever possible rather than storing work only on your local computer. By saving your files on company resources you can be more confident that they're securely backed up and always available, even if your device gets damaged or stolen.

  • Ring the alarm: If you’re using your computer and notice something strange, let your company’s IT department know about it. This helps ensure that your company network stays secure. If you have been victimized by a scam or your files are held by ransomware, avoid dealing with the scammers directly.

  • Browse the web safely: Avoid visiting sites that offer potentially illicit content. Many of these sites install malware on the fly or offer downloads that contain malware. Use a modern browser like Microsoft Edge, which can help block malicious websites and prevent malicious code from running on your computer.

  • Be on the lookout for scams: Some scammers search social media for employment information and send emails that appear to be about work-related transactions. Be careful when responding to or acting upon unsolicited communication whether through email, phone, or SMS. The FBI regularly warns about business email scams and provides contact information for complaints and reports. If you get an unusual or unexpected request for sensitive information, or money, contact the apparent sender directly to confirm. Preferably by phone.

  • Avoid oversharing work-related info on social media: Sharing too much detail about your work responsibilities and contact information on social media can attract scammers. They might leverage this information to send you targeted scam messages that appear legitimate. Or they could use that info to impersonate you in scam messages to your colleagues.

  • Protect physical devices: Removable drives and mobile devices, including laptops and cellphones, are easily stolen along with all the data they contain. Keep these devices safe and stored properly, especially when using them in public places or leaving them in your car. Make sure any portable or removable devices are properly encrypted so that if they do fall into the wrong hands the data on them is harder to access.

Working from home? See Top tips for working more securely from home

Prevent and remove malware with Windows Security

One important step toward greater workplace security is to protect your computer against malware. Windows Security (or Windows Defender Security Center in older versions of Windows) is built-in to Windows and provides real-time malware detection, prevention, and removal with cloud-delivered protection. 

For more info, see Virus & threat protection in Windows Security.

Other ways to remove malware

If you encounter problems removing malware, try to contact your company’s IT department for assistance. They might need to immediately contain any breaches and ensure the rest of the company network is safe.

To assist all Windows customers, including those who are not running Windows Security, Microsoft provides Microsoft Defender Offline.

Microsoft Defender Offline

Microsoft Defender Offline runs outside of Windows to remove rootkits and other threats that hide from the Windows operating system. This tool uses a small, separate operating environment, where evasive threats are unable to hide from antimalware scanners.

With Windows 10 or 11, Microsoft Defender Offline is built-in to the operating system and can run from Windows Security. It's provided as a separate download for previous versions of Windows.

Learn more about Microsoft Defender Offline

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.