Work from Home, Securely

Work from Home, Securely

Working from home is new for many of us. The goal of the tips below is to enable you to work from home more securely. Here is some information and steps for you to create a more Cybersecure home working environment.

 

Phishing

The most efficient way an attacker can gain access and/or exploit you is Phishing. With the fear that the Coronavirus is causing, we need to be watchful for Phishing emails and Smishing (SMS phishing).

  1. Phishing attempts try to create a sense of urgency and fear to get you to do something.
  2. Being that most of us are working remotely and in person communication is not easy, Phishing can exploit this.
  3. Be on the lookout for suspicious emails or texts that are creating a sense of urgency or fear.

 

WiFi

Most home networks use a Wireless (WiFi) network and is unfortunately another vector an attacker can gain access and then exploit you. Listed below are some tips to secure your WiFi:

  1. Change the Administrator default password, this password and login is different than connecting to the WiFi for internet access. The Admin password for many Routers/Modems can be Googled. For this reason, OIT Security highly recommends changing this password. OIT security recommends using a 12-character password.
  2. Make sure to enable strong security using a unique password and ensuring WPA2 is the encryption protocol used. Only allow people you trust to connect to your WiFi network.
  3. Last, but not least, ensure these passwords are unique and STRONG. The longer the password is the better. OIT Security recommends using a 12-character password.

If you need guidance, please refer to the manual for the Router/Modem. If you rent the Router/Modem, please contact your ISP (Internet Service Provider) on guidance.

 

Online Hygiene

Many of us shop online from home and do online banking. Passwords can easily forgotten and sometimes passwords are re-used. To help alleviate this OIT Security suggests using a Password Manager. There are a few Password Managers that OIT Security recommends. LastPass (used by OIT), KeePass, and RoboForm. These password managers work on all devices and all browsers as well.

 

Updates and Patching

Update Operating Systems (Windows, MAC, iOS, Android), Apps, Anti-Virus and Software. Enable auto-updates wherever and whenever possible, this will ensure that you are up to date. Windows systems come with Windows Security; this should be automatically updating.  As for MAC systems OIT Security suggest using ClamAV or SOPHOS (used by OIT).

 

VPN

If you believe you need access to the UCCS VPN please contact the Helpdesk. With the VPN access OIT provides, you are still able to access the resources on campus as if you were on campus.

How does a VPN work:

A VPN works by creating a private, encrypted tunnel to a VPN provider that you select. All your online activity goes through this tunnel, then leaves your VPN provider’s network to your intended destination. A VPN is a great way to protect your Privacy. However, a VPN does not secure your system and online accounts. You still need to practice basic internet hygiene.

A VPN is a great way to secure your connection if you are working remotely but NOT from home. An example: using a guest network at a coffee shop or some establishment other than your home.

 

Work Devices

Your work device is just that - a work device. Make sure family and friends understand that the work device is to only be accessed by you. A family member or friend could accidentally delete files and folders or modify the system.

If you are attending a Webinar, Zoom Meeting, or some form of virtualized meeting ensure that you silence notifications. If you are screen sharing, ensure that your email and any sensitive information cannot be seen by others viewing your screen.

 

Collaboration and Backups

Ensure you are backing up your work files, folders, and important media. You can use Microsoft OneDrive to save files, folders, and important media. OIT Security also, highly, suggests using Microsoft Teams for collaboration and communication.

 

 

Information Security