discover the best IT security practices to adopt in a shared workspace to protect your data and avoid cyberthreats in the office.

In a shared workspace, where digital exchanges are constant and equipment is often shared, IT security becomes an absolute priority. Whether it’s to preserve data confidentiality, avoid cyber-attacks or limit the risks associated with risky behavior, adopting best practices is essential.

Every user, whether employee, collaborator or freelancer, plays a key role in protecting sensitive systems and information. Simple gestures, such as rigorous password management, vigilance in the face of fraudulent messages or securing connected devices, can significantly strengthen day-to-day cybersecurity. In an environment where threats are constantly evolving, a proactive and collective approach is essential to guarantee a safe and reliable digital space.

discover the best IT security practices to adopt in a shared workspace to protect your data and guarantee the confidentiality of your business information.

In a coworking space or shared office, IT security becomes an absolute priority. With so many users, shared connections and shared equipment, the risks of cyber-attacks, data theft ormalicious intrusion are heightened. Whether you’re self-employed, a start-up or a teleworker, adopting best practices will help protect your sensitive information while preserving your productivity and peace of mind. This article explores the essential measures for securing your digital tools, from password management to phishing prevention, to the safe use of shared networks and external devices.

 

Why IT security is crucial in shared spaces

 

Collaborative workspaces offer unrivalled flexibility, but they also expose users to specific vulnerabilities. Unlike a traditional office, where access is often controlled by a dedicated infrastructure, a coworking or shared open space involves shared Wi-Fi connections, non-fixed workstations and frequent occupant rotation. These elements create a breeding ground for cyber threats, such as account hacking,data interception ormalware infection.

 

Furthermore, distractions and ambient noise – a well-known challenge in these environments, as this study on the impact of noise at work highlights – can lead to carelessness: forgetting to lock your session, leaving a password lying around on a post-it note or plugging in an unfamiliar USB stick. A proactive security policy is therefore essential to limit these risks, especially as coworking spaces generally implement physical measures (cameras, badges) to complement digital protection, as detailed here.

 

Protecting your devices and data: the basics

Keep your systems up to date

 

The first line of defense against cyberattacks is to regularly update your operating systems (Windows, macOS, Linux) and applications. Software publishers frequently release security patches to close the loopholes exploited by hackers. In shared-space environments, where networks are often shared, an unpatched vulnerability on your machine can be used as an entry point to compromise the entire network. Activate automatic updates and manually check at least once a month that everything is up to date.

 

Use a powerful antivirus and firewall

 

An up-to-date antivirus is essential to detect and block malware, ransomware or spyware that could infect your device via an unsecured network or malicious attachment. Choose recognized solutions (Bitdefender, Kaspersky, Norton) and set up regular scans. Your system’s built-in firewall should also be activated to filter incoming and outgoing connections, especially if you use sensitive applications (accounting, project management).

 

Secure your internet connection

 

In a coworking space, shared Wi-Fi is a prime target for cybercriminals. To limit the risks, avoid open networks or those with suspicious names (e.g. “FreeWiFi_Hiptown_Fake”). Prefer connections requiring a password and, if possible, use a VPN (Virtual Private Network) to encrypt your traffic. A VPN creates a secure tunnel between your device and the Internet, making your data unreadable to anyone trying to intercept it. Solutions such as NordVPN and ProtonVPN offer both free and paid versions for professionals.

 

To find out more about network security in shared spaces, visit this dedicated page.

 

Password management: a pillar of security

 

Create strong, unique passwords

 

A weak password is one of the main causes of account compromise. To be effective, a password must :

 

    • Be at least 12 characters long,

 

    • Mix uppercase, lowercase, numbers and special characters (e.g. Afet@Zy6o45),

 

    • Be unrelated to your personal life (avoid names, dates of birth, or animal names),

 

    • Be unique for each service (business messaging, social networks, online banking).

 

To make memorization easier, use mnemonic methods:

 

    • Phonetic method: Transform a phrase into a password. For example, “I bought eight CDs for a hundred euros this afternoon” becomes ght8CD%E7am.

 

    • First letter method: Take the initials of a quote. “One of yours is better than two, you’ll get it” gives 1tvmQ2tl’A.

 

 

Store and manage your passwords securely

 

Writing your passwords on an unencrypted file or saving them in your browser without protection is a common mistake. For optimum management :

 

    • Never use the same password for multiple services.

 

    • Never share it, even with a colleague or loved one.

 

    • Never send it by email or messaging.

 

    • Renew it regularly (every 3 to 6 months).

 

    • Use a password manager like KeePass, an open-source and secure solution, pre-installed on Windows 10 workstations in many coworking spaces. Beware of fraudulent versions: download it only from the official website.

 

To find out more, take a look at the simple steps you can take to strengthen your day-to-day cybersecurity on this page.

 

Protect yourself against phishing and social engineering attacks

 

Recognize a fraudulent email or message

 

Phishing is a common technique for stealing credentials or installing malware. Telltale signs include:

 

    • Broken English or unusual expressions.

 

    • A suspicious emergency (“Your account will be suspended in 24 hours!”).

 

    • A generic signature (“The support team”) or a questionable email address (e.g.: support@amazon-secure.com instead of support@amazon.fr).

 

    • Unexpected links or attachments.

 

To check a link, hover your mouse over it (without clicking) to display the actual URL. If in doubt, contact the sender via another channel (telephone, official message).

 

What to do if you are a victim of phishing?

 

If you have clicked on a link or provided sensitive information :

 

    • Don’t panic: cybercriminals exploit shame to dissuade victims from taking action.

 

    • Change compromised passwords immediately.

 

    • Report the incident to the DSI (Information Systems Department) of your coworking space or to your IT department.

 

    • Monitor your accounts for suspicious activity.

 

Attacks are becoming increasingly sophisticated, perfectly imitating legitimate communications. Constant vigilance is therefore essential.

 

Securing your peripherals and work sessions

 

The risks associated with USB keys and external disks

 

USB devices can carry viruses or Trojan horses. In a shared space:

 

    • Only use personal USB keys dedicated to professional use.

 

    • Disable automatic execution of files when plugging.

 

    • Always scan the device with your antivirus before opening a file.

 

    • Avoid public charging stations: some can extract data via the USB cable (“juice jacking”).

 

 

Lock your session and protect your computer

 

An unlocked session is an invitation to spying or data theft. Adopt these reflexes:

 

    • Lock your screen whenever you are away, even for a few minutes. Use keyboard shortcuts: 

        • Windows : Windows key + L,

       

        • Mac : Ctrl + Shift + Power,

       

        • Linux (Gnome) : Ctrl + Alt + L.

       

    • Turn off or put your computer to sleep at the end of the day.

 

    • Don’t leave sensitive documents lying around on your desk.

 

These simple gestures considerably reduce the risk of unauthorized access to your data.

 

Back up your data and learn best practices

 

The importance of regular backups

 

A hardware failure, accidental deletion or cyber attack (such as ransomware) can wipe out your data in seconds. To avoid irrecoverable loss :

 

    • Make automatic backups to an external hard drive or secure cloud service (Google Drive, Dropbox, Nextcloud).

 

    • Apply the 3-2-1 rule:

        • 3 copies of your data,

       

        • 2 different supports,

       

        • 1 off-site backup (e.g. cloud).

       

    • Regularly test the restoration of your backups.

       

Train yourself and stay informed

 

Cybersecurity is constantly evolving, and keeping up to date is essential. The ANSSI (National Agency for Information Systems Security) offers accessible resources:

 

 

    • The SecNum Academy, a free MOOC to understand the challenges of digital security.

 

In addition, workshops or webinars are often organized in coworking spaces to raise members’ awareness of new threats and appropriate solutions.

 

Creating a safe and pleasant working environment

 

IT security isn’t just about digital tools. A well-designed work environment also helps reduce risks. For example, the addition of plants to the office can improve your well-being and concentration, limiting errors due to fatigue or stress. Find out how to optimize your space on this page.

 

Finally, don’t forget that security is everyone’s business. By adopting these best practices and remaining vigilant, you protect not only your data, but also that of your colleagues and your company.

 

IT security in shared workspaces: FAQ

🔒 Why is IT security crucial in a shared workspace?

 

In a shared business environment, the risks of cyber-attacks, data leaks or unauthorized access to sensitive information are multiplied. Multiple users connect to the same networks, use common equipment or share files, increasing vulnerabilities. A security breach can impact not only your personal data, but also that of your colleagues or your company, with potential consequences for reputation, productivity and even legality (RGPD, industrial secrets).

 

 

🖥️ What are the first steps you should take to secure your workstation in a shared workspace?

 

Here are the priority actions to be implemented:

 

    • Mettre à jour régulièrement le système d’exploitation (Windows, macOS, Linux) et les applications pour corriger les failles de sécurité.

 

    • Installer et maintenir à jour un antivirus performant (ex : Windows Defender, Bitdefender, Kaspersky).

 

    • Utiliser un compte utilisateur standard (éviter les droits administrateur) pour limiter les dégâts en cas d’infection.

 

    • Verrouiller systématiquement votre session dès que vous quittez votre poste (raccourci Windows + L ou Ctrl + Shift + Power sur Mac).

 

    • Désactiver les options de connexion automatique (Wi-Fi, sessions) pour éviter les accès non autorisés.

 

 

🔑 How do you create a strong, easy-to-remember password for a shared space?

 

A secure password must be :

 

    • Composé d’au moins 12 caractères, avec des majuscules, minuscules, chiffres et caractères spéciaux (ex : Afet@Zy6o45!).

 

    • Unique pour chaque service (messagerie professionnelle, outils collaboratifs, réseaux sociaux).

 

    • Sans lien avec votre vie personnelle (éviter noms, dates de naissance, prénoms d’enfants ou d’animaux).

 

 

To remember it easily, use mnemonic methods:

 

    • Méthode phonétique : Transformez une phrase en mot de passe (ex : *« J’ai acheté 8 CDs pour 100 euros »* → ght8CD%100e).

 

    • Méthode des premières lettres : Prenez les initiales d’une citation (ex : *« Un tien vaut mieux que deux tu l’auras »* → 1tvmQ2tl’A).

 

Do not use:

 

    • Stocker vos mots de passe dans un fichier non sécurisé (Excel, bloc-notes).

 

    • Les partager avec des collègues ou des tiers, même temporairement.

 

    • Les envoyer par email ou messagerie instantanée.

 

 

🔄 Why and how should you renew your passwords regularly?

 

Renewing your passwords every 3 to 6 months reduces the risk of them being stolen or leaked (e.g. after a cyber-attack on a third-party service). Here’s how:

 

    • Utilisez un gestionnaire de mots de passe comme KeePass pour générer et stocker des mots de passe complexes.

 

    • Activez la double authentification (2FA) lorsque c’est possible (SMS, application comme Google Authenticator).

 

    • Priorisez les comptes sensibles (emails professionnels, outils métiers, accès administrateurs).

 

 

Tip: Set reminders in your calendar to schedule these updates.

 

📧 How to recognize a phishing email in a shared space?

 

Phishing attacks are common in shared environments. Here are the telltale signs:

 

    • Expéditeur suspect : Vérifiez l’adresse email (ex : support@amazon-security.com au lieu de support@amazon.fr). Passez la souris sur l’expéditeur sans cliquer.

 

    • Fautes d’orthographe ou de grammaire : Les messages légitimes sont généralement bien rédigés.

 

    • Urgence ou menace : *« Votre compte sera suspendu dans 24h »* ou *« Action requise immédiatement »*.

 

    • Liens ou pièces jointes douteux : Survolez les liens pour voir l’URL réelle (ex : un lien affichant « Google Drive » mais pointant vers une URL inconnue).

 

    • Demande d’informations sensibles : Aucun service sérieux (DSI, banque, administration) ne demande votre mot de passe par email.

 

 

What to do if in doubt? Contact your IT department before clicking or replying.

 

 

🚨 What should I do if I’ve clicked on a link or opened a suspicious attachment?

 

Act quickly to limit the damage:

  1. Disconnect your device from the network (Wi-Fi, Ethernet) to prevent the spread of possible malware.
  2. Report the incident to the IT department or security manager immediately.
  3. Don’t hide the mistake: cyberattacks are becoming more and more sophisticated.
  4. Do not share any other usernames and immediately change the passwords of potentially compromised accounts.
  5. Run a full antivirus scan of your machine.
  6. If you entered credentials on a fraudulent site, enable two-factor authentication on the affected accounts.
  7.  

 

Worth knowing: The consequences can range from data theft to infection of the entire corporate network. Rapid reaction is crucial.

 

💾 Why and how to make regular backups in a shared space?

 

Backups protect against :

 

  • Ransomware (ransomware that encrypts your files).
  • Accidental deletions or human errors.
  • Hardware failures (hard drive, server).

 

Best practices:

 

    • Use the 3-2-1 rule: 3 copies of your data, on 2 different supports, including 1 off-site (secure cloud or external hard drive stored in a safe place).

    • Automate backups via tools like Veeam, Acronis or integrated solutions (Time Machine for Mac, File History for Windows).

    • Regularly test the restoration of backups to ensure their integrity.

    • For sensitive files, use encrypted solutions (e.g. VeraCrypt).

 

 

🔌 What are the risks associated with USB devices in shared space?

 

USB sticks or external hard drives can be vectors of :

 

    • Malware (viruses, Trojan horses) spreading automatically upon connection.

    • Data leaks if the device is lost or stolen.

    • Unauthorized access to sensitive files if the device is not encrypted.

 

Precautions to be taken:

 

  • Only use peripherals approved by the DSI and dedicated to professional use.
  • Disable AutoRun in Windows Security settings.
  • Systematically scan the device with an antivirus before opening.
  • Encrypt sensitive data with tools like BitLocker (Windows) or FileVault (Mac).
  • Avoid plugging personal or unknown devices into workstations.

 

🌐 How to secure web browsing in a shared workspace?

 

Here’s what you need to do:

 

    • Use an up-to-date browser (Chrome, Firefox, Edge) with the latest security patches.

    • Enable private browsing for sensitive sessions (avoid storing cookies and logs).

    • Install security extensions like uBlock Origin (malicious ad blocker) or HTTPS Everywhere (forces encryption).

    • Check that the sites visited use the HTTPS protocol (padlock in the URL bar).

    • Do not store passwords in the browser. Prefer a dedicated manager like KeePass.

    • Systematically log out of sensitive accounts (bank, business tools) after use.

 

 

📱 What precautions should be taken with mobile devices (smartphones, tablets) in shared spaces?

 

Mobile devices are often overlooked, yet they access the same networks and data. Here’s how to secure them:

 

    • Enable code/PIN/biometrics lock (fingerprint, facial recognition).

    • Encrypt device storage (security settings).

    • Avoid connecting to unsecured public Wi-Fi networks. Use a VPN if necessary.

    • Turn off Bluetooth and Wi-Fi when not in use.

    • Only download applications from official stores (App Store, Google Play).

    • Use MDM (Mobile Device Management) solutions if your company offers one.

    • Erase data remotely in case of loss or theft (“Find my device” feature).

 

🔧 Why use a shared-space password manager like KeePass?

 

A password manager like KeePass offers several advantages:

 

    • Secure centralization: All your passwords are stored in an encrypted database, protected by a master password.

    • Complex password generation: The tool creates unique and strong passwords for each service.

    • Phishing protection: KeePass does not automatically fill fields on fraudulent sites.

    • Controlled sharing: In a shared space, you can share passwords securely (via a common KeePass file, protected by a strong password).

    • Portability: The database can be stored on an encrypted USB drive or secure cloud.

 

Precautions with KeePass:

 

    • Download it only from the official website (beware of fraudulent versions).

    • Choose a very strong master password (it’s the only key to accessing all your other passwords).

    • Back up the database regularly and test its restoration.

 

🔄 How can you make your colleagues aware of good safety practices in shared spaces?

 

IT security is a collective responsibility. Here’s how to get your team involved:

 

    • Organize workshops: Present the risks (phishing, ransomware) and barrier gestures via concrete examples.

    • Share resources: Disseminate guides like that of ANSSI or infographics on good practices.

    • Simulate attacks: With the agreement of the IT department, send phishing test emails to assess the team’s vigilance.

    • Create a dedicated channel (Slack, Teams) to report fraud attempts or ask questions.

    • Encourage feedback: If a colleague has been the victim of an attempted scam, share the incident (without judgment) to learn from it.

    • Regular reminder: Integrate safety reminders into internal meetings or newsletters.

 

 

Key message: “Safety is like a vaccine: it only works if everyone participates.

 

 

Published On: November 13, 2025 / Categories: Coworking /

Share the article

Follow us!

Want to join
the Hiptown
team?

Hiptown is constantly looking to expand its teams in Paris, Lille, Lyon, Marseille, Bordeaux, Rennes, Nantes, Toulouse, Nice, and other cities.

Interested in creating the workspaces of the future?

CONTACT US

Interested in the Hiptown space?

*Required fields