Remote Work Security Tips

Securing your home network:

  • Ensure that your home networking equipment, such as routers and wireless access points (WAPs) are current, supported models running the most up to date firmware.
  • Change the default administrator password for all equipment on your home network including routers, wireless access points, printers, and items branded as “Smart” or “Internet of Things (IoT)”.
  • Ensure only people you trust can connect to your wireless network by enabling strong security consisting of Wi-Fi Protected Access 2 (WPA2) using a complex password.
  • Disable the remote administration feature on equipment
  • Use the firewall features of your router and computer to block undesirable traffic. A best practice is to block all inbound traffic.
  • Ensure your router is configured to use a trusted source for Domain Name Service (DNS). Reliable sources for DNS include your Internet Provider, Google, OpenDNS, and Cloudflare.


Securing your devices:

  • Make sure that your device has an up-to-date Operating System and all patches are applied.
  • Ensure all major third party software (Microsoft, Adobe, Firefox etc.) are current, supported versions and any available patches are applied.
  • Enable full disk encryption such as File-Vault or Bitlocker if supported.
  • Make sure you are running an antivirus software and your definitions are set to update automatically.
  • When possible use a dedicated computer for conducting remote work.
  • To prevent accidental deletion or corruption of work data by a family member lock the device when not in use, such as when taking a lunch break.
  • If possible configure devices, such as those provided to children, with restricted access to prevent the installation of undesirable software.


Tips to protect yourself and Oakland University when working remote:

Do:

  • Check that you are accessing resources in compliance with guidance provided in https://kb.oakland.edu/uts/remote_work

  • Use university approved resources and methods to communicate
  • When possible host conference calls or virtual meetings (using approved resources), rather than joining a meeting hosted by third parties.
  • Report suspicious activity to University Technology Services (UTS)
  • Uninstall remote support and conferencing software when no longer needed
  • Periodically check for and delete University owned data

Don't:

  • Use the same passwords for personal and work related activities.
  • Use features like “Remember my password” for University websites.
  • Use software like Thunderbird or Outlook to access email, use Webmail instead.
  • Share links to meetings, conference calls, virtual classrooms on social media.
  • Overshare information on conference calls or virtual meetings if you are unsure who all is attending.
  • Open attachments or links shared in virtual meetings unless you can validate their authenticity.