Remote Work Security Tips

Securing Your Home Network:

• Ensure that your home networking equipment, such as routers and wireless access points (WAPs) are current, supported models running the most up to date firmware.
• Change the default administrator password for all equipment on your home network including routers, wireless access points, printers, and items branded as “Smart” or “Internet of Things (IoT)”.
• Ensure only people you trust can connect to your wireless network by enabling strong security consisting of Wi-Fi Protected Access 2 (WPA2) using a complex password.
• Disable the remote administration feature on equipment
• Use the firewall features of your router and computer to block undesirable traffic. A best practice is to block all inbound traffic.
• Ensure your router is configured to use a trusted source for Domain Name Service (DNS). Reliable sources for DNS include your Internet Provider, Google, OpenDNS, and Cloudflare.

Securing Your Devices:

• Make sure that your device has an up-to-date Operating System and all patches are applied.
• Ensure all major third party software (Microsoft, Adobe, Firefox etc.) are current, supported versions and any available patches are applied.
• Enable full disk encryption such as File-Vault or Bitlocker if supported.
• Make sure you are running an antivirus software and your definitions are set to update automatically.
• When possible use a dedicated computer for conducting remote work.
• To prevent accidental deletion or corruption of work data by a family member lock the device when not in use, such as when taking a lunch break.
• If possible configure devices, such as those provided to children, with restricted access to prevent the installation of undesirable software.

Tips to Protect Yourself and Oakland University When Working Remote

Do:

• Check that you are accessing resources in compliance with guidance provided in https://kb.oakland.edu/uts/remote_work
• Use university approved resources and methods to communicate.
• When possible host conference calls or virtual meetings (using approved resources), rather than joining a meeting hosted by third parties.
• Report suspicious activity to University Technology Services (UTS).
• Uninstall remote support and conferencing software when no longer needed.
• Periodically check for and delete University owned data.
• Dedicate a browser for work activates. For example use Chrome for work activates and FireFox for personal browsing.

Don't:

• Use the same passwords for personal and work related activities.
• Use features like “Remember my password” for University websites.
• Add Browser Extensions, such as Ad-Blockers, shopping tools, etc, or content synchronization tools on your work browser.
• Use software like Thunderbird or Outlook to access email, use Webmail instead.
• Share links to meetings, conference calls, virtual classrooms on social media.
• Overshare information on conference calls or virtual meetings if you are unsure who all is attending.
• Open attachments or links shared in virtual meetings unless you can validate their authenticity.

Useful Links

• Android - Enable Automatic Updates for Applications
• Apple Mac OS—How to Enable Automatic Updates
• Free DNS Server Comparison
• iOS—Enable Automatic Updates for Applications
• iOS—How to Enable Automatic Updates
• PII Scanning Application
• Microsoft Windows 10—How to Enable Automatic Updates
• SANS Top 5 Tips for Working from Home Securely