Remote Work Security Tips
Securing your home network:
- Ensure that your home networking equipment, such as routers and wireless access points (WAPs) are current, supported models running the most up to date firmware.
- Change the default administrator password for all equipment on your home network including routers, wireless access points, printers, and items branded as “Smart” or “Internet of Things (IoT)”.
- Ensure only people you trust can connect to your wireless network by enabling strong security consisting of Wi-Fi Protected Access 2 (WPA2) using a complex password.
- Disable the remote administration feature on equipment
- Use the firewall features of your router and computer to block undesirable traffic. A best practice is to block all inbound traffic.
- Ensure your router is configured to use a trusted source for Domain Name Service (DNS). Reliable sources for DNS include your Internet Provider, Google, OpenDNS, and Cloudflare.
Securing your devices:
- Make sure that your device has an up-to-date Operating System and all patches are applied.
- Ensure all major third party software (Microsoft, Adobe, Firefox etc.) are current, supported versions and any available patches are applied.
- Enable full disk encryption such as File-Vault or Bitlocker if supported.
- Make sure you are running an antivirus software and your definitions are set to update automatically.
- When possible use a dedicated computer for conducting remote work.
- To prevent accidental deletion or corruption of work data by a family member lock the device when not in use, such as when taking a lunch break.
- If possible configure devices, such as those provided to children, with restricted access to prevent the installation of undesirable software.
Tips to protect yourself and Oakland University when working remote:
Check that you are accessing resources in compliance with guidance provided in https://kb.oakland.edu/uts/remote_work
- Use university approved resources and methods to communicate
- When possible host conference calls or virtual meetings (using approved resources), rather than joining a meeting hosted by third parties.
- Report suspicious activity to University Technology Services (UTS)
- Uninstall remote support and conferencing software when no longer needed
- Periodically check for and delete University owned data
- Use the same passwords for personal and work related activities.
- Use features like “Remember my password” for University websites.
- Use software like Thunderbird or Outlook to access email, use Webmail instead.
- Share links to meetings, conference calls, virtual classrooms on social media.
- Overshare information on conference calls or virtual meetings if you are unsure who all is attending.
- Open attachments or links shared in virtual meetings unless you can validate their authenticity.