IT Security - Best Practices When Working From Home
We know that working from home can be new to some, perhaps even a little overwhelming, as you adjust to a new environment. One of our goals is to enable you to work as efficiently and securely as possible from home. Below are five simple tips to working securely from home.
Tip #1 - Be the First Line of Defense
First and foremost, technology alone cannot fully protect you – you are the best defense. Attackers have learned that the easiest way to get what they want is to target you, rather than your computer or other devices. If they want your password, work data or control of your computer, they’ll attempt to trick you into giving it to them, often by creating a sense of urgency. For example, they can call you pretending to be Microsoft technical support and claim that your computer is infected. Or perhaps they send you an email warning that a package could not be delivered, or you have an invoice or an updated Coronavirus map, fooling you into clicking on a malicious link. Always double check who the email is really from before you click on any links and don’t forget to "hover to discover" where that link is really taking you.
Tip #2 - Protect Your Devices
Ensure your devices are equipped with antivirus software (sometimes called anti-malware).
- On Windows systems, Windows Defender is a built-in antivirus tool. Ensure that it is up to date by following the steps in the previous tip.
- For Mac or Linux systems, ClamAV is a free antivirus solution that has been in use for many years and is known to be effective.
UNCP offers Cisco AMP for Endpoints through a link in BraveWeb. Cisco AMP is a world-class anti-virus service and is being made available to faculty, staff and students free of charge for use on their personal computers. You may use AMP for the duration of your time as an employee or student here at UNCP.
Tip #3 - Data Security & Confidentiality
Protected and sensitive data (PII, FERPA, HIPAA) should never be saved on your personal computer and should not be shared with anyone outside of UNCP. DoIT monitors and protects this data to the best of our ability, but attackers will do everything they can to gain access to this data and hold it ransom. We also encourage you to move your own work data to your Google Drive or Microsoft OneDrive as opposed to storing files locally on your computer or a network drive (K: Drive). If for some reason you need to work with protected or sensitive data, it must be on a university-owned computer. If you have any questions or concerns about this please contact the DoIT Help Desk, or IT Security at security@uncp.edu.
Backing Up, Saving & Sharing Files
DoIT recommends copying files from your computer and storing them in the cloud. Microsoft OneDrive and Google Drive are available to you using your network credentials.
- Storing data in O365 OneDrive
- Sharing files in O365 OneDrive
- Storing data in Google Drive
- Sharing files in Google Drive
Tip #4 – VPN and Duo
Some critical and protected UNCP systems require special access. If you believe you require this access, please contact the Help Desk by emailing helpdesk@uncp.edu or calling 910-521-6260. Requests will be considered based on the individual need. Before using the VPN client, Cisco Secure Client, you must enroll with Duo and set up your mobile device. Duo Security provides a two-factor authentication service to make logins more secure.
Tip #5 – Kids, Guests, and Family
Something you most likely don’t have to worry about at the office is children, guests or other family members using your work laptop or other work devices. Make sure family and friends understand they cannot use your work device, they can accidentally erase or modify information, or perhaps even worse, accidentally infect the device.