Security Best Practices for Telecommuting

Telecommuting brings some unique challenges in ensuring the protection of University systems and data. When on-campus, many of the capabilities in our security systems help monitor and track threats in the University environment. Most individuals do not have many of the same protections available in their home or while traveling, but there are some things that you should be aware of when telecommuting using either University equipment or BYOD (Bring Your Own Device).

 

University-Owned Machines 

BYOD (Computers, Tablets, or Phones) 

 

University-Owned Machines 

BYOD (Computers, Tablets, or Phones) 

Operating Systems Software Updates/Support 

All University systems are automatically patched and updated on a regular basis. 

Ensure patches are regularly applied and system software is kept up to date. Most systems can be set up to regularly update themselves. Hardware should be capable of supporting current software versions. If software is not up to date and cannot be updated, they should not be used for University business. 

Scanning and Protecting Against Malware 

All University systems have pre-installed protection software. 

There are many free and paid software programs that can help protect your system when using it for University business or personal use. For ongoing protection, there are several free versions of antivirus. PC Magazine has a great resource evaluating some of the top vendors (pcmag.com/picks/the-best-free-antivirus-protection).  

Use of University Sponsored Cloud Applications 

University-owned machines have updated versions of software installed and are safe for file storage locally on the computer. Software applications such as Teams or WebEx should be used for regular communications. 

For day-to-day activities on BYOD devices, it is best to use University-sponsored cloud services such as  Microsoft Office Suite, including OneDrive and Teams (login.microsoftonline.com) or WebEx (its.uconn.edu/webex/). This helps keep all of your work in the cloud and provides access to current versions of Microsoft products. Storing your work files on OneDrive also allows for the efficient movement of data back to your work computer and supports the University’s ability to meet its duties under federal and local laws while also protecting data. Never store work files locally on your device. 

Requiring a Password for Device Login 

University hardware requires a login to access systems. 

Whether you are using a home computer, laptop, tablet or cellular device, it is best to have some form of lock enabled to access the device (complex password or pin pattern or biometrics such as face/fingerprint. 

DNS Filtering 

One of the best ways to defeat malware is using DNS filtering which looks for known bad websites and is effective at blocking several different attacks.

Home users who wish to enable DNS filtering can use one of the free services such as OpenDNS (opendns.com) or Quad9 (Quad9.com). 

Protecting Against Theft 

University equipment should be in a safe and protected space when not in use. Do not leave equipment unattended in vehicles or in public spaces for even short periods of time. 

Personal equipment (including cellular devices and tablets) should be in a safe and protected space when not in use. Do not leave equipment unattended in vehicles or in public spaces for even short periods of time. 

 General Reminders 

  • Use a screen lock when your equipment is not in use or you are away from your workspace 

  • Do not leave equipment unattended in vehicles or in public space. Items such as phones, tablets, and laptops are valuable targets and subject to theft 

  • Never share your NetID and password with anyone. Your NetID is your identity and you are responsible for all actions taken.

  • Phishing/monetary scam attempts always increase during global events. For the current COVID-19 situation, refer to the University website or government websites (e.g., cdc.gov) for information. Do not respond to unsolicited job offers or requests to assist in purchasing gift cards for fellow employees.

  • Use secure Wi-Fi (padlock symbol) whenever possible. This indicates that your session is encrypted. Only use published Wi-Fi networks when traveling or in public such as hotel or retailer-provided wireless networks that are publicly advertised. If dealing with sensitive or confidential information, a VPN should be used. 

Related Articles