Threats to Working Remotely
- Unsecured Wi-Fi networks: Not everyone has a secure home network with strong firewalls. Public Wi-Fi networks, such as those in coffee shops, are also unsafe for conducting business. Unsecured public Wi-Fi networks are prime spots for malicious parties to spy on internet traffic and collect confidential information.
- Using personal devices and networks: Many faculty and staff will be forced to use personal devices and home networks for work tasks. These home computers lack the safeguards built in to business networks such as antivirus, firewalls, and backup tools. This increases the risk of malware finding its way onto devices and both personal and work-related information being breached.
- Scams targeting remote workers: Hackers have been known to target remote workers computers, because they are aware of the lowered security measures.
Security Musts When Working Remotely
These are some additional precautions that must be taken by employees when working remotely.
Avoid using public Wi-Fi
Public Wi-Fi are often not secure and may introduce significantly higher security risks, therefore they should be avoided. Instead of using public Wi-Fi, use a CSUSB or personal hotspot from a dedicated device or your phone, or a secure home Wi-Fi where possible. If public Wi-Fi is the only option available, it is advisable to use a VPN in conjunction.
Secure Your Home Wi-Fi
- Change your router's default password.
- Make sure firmware updates are installed so that security vulnerabilities can be patched.
- Encryption should be set to WPA2 or WPA3.
- Make sure your Wi-Fi has a strong password.
- Restrict inbound and outbound traffic, use the highest level of encryption available, and switch off WPS.
Use a CSUSB Maintained Laptop
CSUSB technicians ensure your work station and laptop have anti-virus and anti-malware software, encrypted drives, licensed software and the latest patches. Your home computer may not be always up-to-date. If you have a CSUSB laptop, use it at home for work. Level 1 users must use a CSUSB maintained device if accessing Level 1 data.
Use CSUSB Virtual Private Network (VPN)
CSUSB VPN encrypts and tunnels your all of your internet traffic, so that it is unreadable to anyone who intercepts it. This keeps it away from the prying eyes of any hackers and your Internet Service Provider (ISP). CSUSB VPN protects your data and password. It is strongly encouraged to use VPN even if you are checking your email, accessing MyCoyote, or accessing cloud-storage. Depending on your access, you may be prompted by CSUSB’s MFA (Duo) when accessing VPN as an additional security measure.
Keep Work Data on Work Computers or CSUSB Approved Storage
If you don’t have a CSUSB laptop or workstation at home, the next best thing is to access your CSUSB workstation remotely. While certain remote access tools have security vulnerabilities, using your CSUSB workstation through remote desktop will mitigate those issues. Make sure you are accessing the remote desktop session from the MyCoyote portal. CSUSB has several virtual workstation options available. Contact the Technology Support Center or your college IT team to see what option is available to you. DO NOT store CSUSB files on your home computer. Use your work computer or approved cloud storage such as OneDrive or Google Drive.
Do Not Share Your Device
If you are working from home and are using a personal device, makes sure you are the only one using your device. CSUSB data cannot be shared with family members and allowing others to use a device that is being used to access CSUSB data violates CSUSB policy by potentially sharing it persons that have no right to see CSUSB data. Including your spouse.
Patch All of Your Software
Updates to device software and other applications can sometimes take a long time. But they really are important. Updates often include patches for security vulnerabilities that have been uncovered since the last iteration of the software was released. Patch your home computer.
Set up the firewall on your computer
Firewalls act as a line defense to prevent threats entering your system. The firewall creates a barrier between your device and the internet by closing ports to communication. This can help prevent malicious programs entering and can stop data leaking from your device. Your device’s operating system will typically have a built-in firewall. Turn it on.
Use antivirus software
Although a firewall can help, it’s inevitable that threats get through. A good antivirus software can act as the next line of defense by detecting and blocking known viruses or malware. Even if viruses or malware does manage to find its way onto your device, an antivirus may be able to detect and, in some cases, remove it. Turn on anti-virus and keep it up to date. CSUSB offers free antivirus software that can be downloaded at https://www.csusb.edu/its/software/faculty-staff-software.
Never Leave Your Devices or Laptop in the Car
Never leave their work computers or devices in a vehicle. It’s a best practice to keep work laptops and devices on your person at all times. The trunk of your car is not any safer. There may be criminals watching the parking lot from afar, waiting for their next victim. Putting valuables in the trunk may make life a little bit easier in the short-term - but why take that chance?
Look out for phishing emails and sites
Phishing is used by cyber criminals to “phish” for information. This information is usually used in further schemes such as spear phishing campaigns (targeted phishing attacks) and account takeover fraud. There are plenty of cyber criminals looking to cash in the Coronavirus crisis. To spot a phishing email, check the sender’s email address for spelling errors and look for poor grammar in the subject line and email body. Hover over links to see the URL and don’t click links or attachments unless you trust the sender 100 percent. If in any doubt, send the email to firstname.lastname@example.org and we will check it out. If you do click a link and end up on a legitimate-looking site, be sure to check its credibility before entering any information. Common signs of a phishing site include lack of an HTTPS padlock symbol (although phishing sites increasingly have SSL certificates), misspelled domain names, poor spelling and grammar, lack of an “about” page, and missing contact information.