skip navigation
skip mega-menu
By The North West Cyber Resilience Centre

75% of UK workers will be job hunting this January (according to Reed). With many workers pondering new year career resolutions, as a business, you might also be welcoming new starters into your office (or even remotely).

To help, the Cyber Resilience Centre has created a Cyber Security New Employee Checklist for employers, which includes further tips and links to other security resources to help your business improve its resilience to cybercrime. 


Recent research showed that UK workers are still going into the office (an average of 1.5 days a week), so you must lay down the basic policies and instructions for any new employee.

Cyber Security Guidance specific to office-based employees

  • Implement Security Policies - Manuals, IT Guidance, Confidentiality (or Non-Disclosure) Agreements

  • Provide them with physical security access - Keycard, Parking pass, etc

  • Set up their account access - websites, social media accounts, software, Slack, Canva

  • Device setup - Laptop, account, GDrive access

  • Ensure firewalls and anti-virus software are enabled

  • Give them password guidance & access to your password manager

  • Show them how to store physical and digital files

  • Tell them how to share sensitive data with colleagues

  • Ensure they know how to lock their computer and desktop

  • Do they know what to do if they receive a phishing email or are the victim of a cyber attack?

  • Do they need to know their role in your company's Cyber Incident Response Plan

Guidance specific to Remote / Hybrid Workers

With the growing trend of companies having employees who work 100% remotely or spend a couple of days in the office, you must make employees aware of the security risks they may face. So here are some of the questions you should ask any new hires.

  • Are they suited to working from home or working remotely? What do they need?

  • Do you have a policy on home working / remote working / BYOD?

  • Ensure employees do not use personal social media or eCommerce accounts on work devices.

  • Make sure employees have account access across multiple devices

  • Ensure they're aware of your Password Manager

  • Setup with your company VPN

  • Recommended when they can/can't work away from home and how to secure themselves in remote environments (cafes/airports/hotels)

What policies should be covered by employers with employees?

Businesses can implement as many policies as they like but they must cover anything relevant to your company and your processes. To help you get started, here are five policies that every business should implement with employees.

  • Cyber Security Policy

The more we rely on technology to collect, store and manage information, the more vulnerable we are to security breaches. Human errors, cyber-attacks and system malfunctions can cause financial damage and may jeopardise your company's reputation.

A cyber security policy outlines your guidelines and provisions for securing your data and technology infrastructure.

  • Anti-Virus / Anti-Malware Policy

An Anti-Virus policy aims to promote the use of anti-virus and anti-malware software. Employees should be educated about the Policy and given directions to ensure all legal regulations are followed.

  • Password Policy 

Hacked passwords are among the most common causes of data breaches, and it's not surprising when people set weak passwords such as '123456' and 'Password'. Businesses should mitigate this threat by creating a password policy that outlines specific password creation instructions.

  • Device Usage Policy

This Policy explains your company's rules on using work devices and personal devices used during work hours and when working remotely.

  • Work From Home (WFH) / Hybrid Working Policy

Working from home needs to be managed carefully, especially with new hires; you must have a valid working-from-home policy. Your Policy should outline what homeworking means and how employees can ask to work from home. In addition, it should outline some of the working-from-home rules that are specific to your business.

Read more about our New Employee Cyber Security Checklist for Employers on our website

Subscribe to our newsletter

Sign up here