Best Practices for Working from Home Securely

Just as our campus network is a target to computer attackers, so is your home network. Your personal information, accounts, emails, and your systems at home are valuable to cyber hackers.  In this document we will provide some tips on securing your home network while working from home in general and currently amid COVID-19Opens in new window .

SECURE YOUR HOME NETWORK

  1. Configure the network settings: Older Wi-Fi settings use weak forms of encryption, such as WEP. Instead, be sure you are using WPA2, which uses advanced encryption to protect your network activity.
  2. Change the default settings: The administrator account is what allows only you to configure the settings for your wireless network. An attacker can easily discover the default password that the manufacturer has provided.
    1. Make sure to change the default password
    2. Change the default name of your wireless network, commonly known as the SSID.
    3. Choose a name that cannot be tied back to your address or your family name.
    4. Disable WAN access to router configuration page


Device Security 

It is highly recommended that you use a campus issued laptop to access campus sensitive data for best security. You can improve the security of personal devices by following the below guidelines. 

  1. Never leave your devices in the car
  2. Ensure your devices are running the most current version of the operating system
  3. Avoid downloading and installing non-campus supported software.
  4. Enable automatic updates for operating systems and applications
  5. USE ANTIVIRUS SOFTWARE
    1. Campus Issued Laptop
      Microsoft Windows DefenderOpens in new window
    2. Personal Computer Recommendations
      Microsoft Windows DefenderOpens in new window
      Malwarebytes Anti-VirusOpens in new window
      Avast Anti-VirusOpens in new window
  6. Cloud Storage (Dropbox)Opens in new window
    1. We recommend Dropbox as a place for you to save your documents. Personal cloud storage accounts or your personal hard drive are not acceptable for university data.
    2. Save your work frequently to your cloud folders
    3. Keep Work Data on campus issued laptop or Dropbox
  7. To access your on-campus computer, use GlobalProtect VPNOpens in new window with Duo MFAOpens in new window . Make sure you are using Microsoft Remote Desk Protocol (RDP) software on both Windows and Mac machines.


GENERAL SECURITY PRACTICES

  • IDENTIFY SOCIAL ENGINEERING ATTACKS - Malware and PhishingPDF File Opens in new window
    First and foremost, technology alone cannot fully protect you – you are the best defense. Attackers have learned that the easiest way to get what they want is to target you by attempting to trick you into clicking on a link or attachment. The most common indicators of a social engineering attack include:
    • Urgency: Messages or calls that create a sense of urgency, often through fear, intimidation, a crisis, or an important deadline. Scammers are good at creating convincing messages that appear to come from trusted organizations, such as banks, government, or international organizations.
    • Unsolicited Requests: A message or phone call that pressures someone to bypass or ignore security policies and procedures to submit personal or financial information. 
    • Unusual Wording: A message from a friend or co-worker in which the signature, tone of voice, or wording does not sound like them.

Level 1 Data Users (see Data Classification webpage for more information)PDF File Opens in new window
Any user of Level 1 dataOpens in new window (ex. Social Security, driver license, birthdate, etc.) must use a campus issued laptop. You may not access Level 1 systems from your personal devices. Use of USB storage or other removable devices for storing L1 data is strictly prohibited as per CSU Information Security Policies.