The Home-Office Laptop Checklist We Wish Every Small Business Used

A work laptop doesn't get less secure when it goes home. The environment around it does.

In an office, there are quiet boundaries — fewer shared spaces, fewer casual touchpoints, predictable Wi-Fi. At home, the same laptop is suddenly in a space designed for comfort, not control. Devices move from room to room. They sit on counters. They get left unattended for short stretches throughout the day.

On top of that, work and personal life mix. Family members "just want to check something." Kids click on things. Routers run firmware that hasn't been updated since the day it was unboxed. None of those are dramatic. Together, they make most real incidents.

Use this as the minimum standard for any company laptop that goes home. None of it is complicated. All of it adds up.

Lock the screen every time you stand up. Set a short auto-lock timer. Build the manual lock habit too.

Store the laptop like it's worth something. Out of sight is safer than out of the way. Not on the couch. Not on the kitchen counter. Never in the car.

Don't share work laptops with family. Even a quick "I just need to print something" is one click away from a sketchy download.

Use a real sign-in. Long passphrase, never reused. MFA is not a nice-to-have.

If a laptop can't get security updates anymore, it's not a work device. It's a risk wearing a work-laptop costume.

Patch fast. Updates are where most known issues actually get fixed. Restart when prompted instead of postponing for two weeks.

Treat home Wi-Fi like part of the office. Strong password, modern encryption, default admin credentials on the router changed. If the router hasn't had a firmware update in a year, it's time.

Leave the firewall on. Leave antivirus on. If they feel inconvenient, fix the friction — don't switch them off.

Remove software you don't use. Fewer apps means fewer updates to track and fewer ways for something to go wrong.

Keep work data in work storage. Personal Dropbox is not a backup plan. Approved storage keeps things recoverable and auditable.

Be slow with surprise links and attachments. If a message pressures you to click *now*, that's the signal to pause and verify through a second channel.

Only connect from healthy devices. A patched, encrypted, protected laptop gets in. A device that's missing the basics doesn't.

Most home Wi-Fi networks were set up once, years ago, with whatever password the installer wrote on the side of the router. After that, nobody touched them.

Three things to check:

Router admin password. The one you use to log into the router itself, not the Wi-Fi password guests get. If it's still "admin / admin" or printed on the bottom of the device, fix it tonight.

Encryption type. WPA3 if your router supports it, WPA2 at the very least. Anything older — open networks, WEP, WPA — needs to be replaced.

Firmware updates. Most modern routers offer them. Most people never run them. Check now.

The list above isn't extra credit. It's the floor. If your remote setup doesn't meet it yet, that's where to start.

When the basics are non-negotiable — auto-locks, secure storage, real sign-ins, fast updates, a hardened router, work data in approved tools only — most of the incidents people lose sleep over stop happening. Not because the threats went away. Because the easy doors got closed.