Working remotely presents unique challenges for information security because remote work environments don't usually have the same safeguards as working on-campus. When an employee is at the office, they are working behind layers of preventive security controls. While not perfect, it is harder to make a security mistake while at the office. However, when computers leave campus and people work remotely, new risks arise for the University and additional safeguards and vigilance is essential. For more details see the "Fredonia Secure the Human Reference Guide" at https://answers.fredonia.edu/x/S4I4.
Risks and Best Practices
- Social Engineering
- Protect your Accounts and Passwords
- Secure Your Home Network
- Protect Your Devices
- Secure Connections
- Protect University Data
- Family and Guests
- Policies
Social EngineeringAnchor Social Engineering Social Engineering
| Social Engineering | |
| Social Engineering |
...
- Always Use strong passwords or passphrases whenever possible. The key to strong passwords is to make them long; the more characters you have the better. These are called passphrases: a type of strong password that uses a short sentence or random words. For more about passphrases see see https://answersfredonia-edu.fredoniaatlassian.edunet/l/xc/VoCXAQ emyUmzvP
- Make sure each of your accounts has a separate, unique password. Never reuse passwords across multiple systems and do not share your password with others.
- Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.
- Set up two-factor authentication whenever possible. The University utilizes DUO twoAzure multi-factor authentication for many critical and sensitive systems. To learn about DUO visit Duo Security Frequently Asked Questions at Azure MFA visit Multi-factor authentication (MFA) - FAQs at https://answersfredonia-edu.fredoniaatlassian.edunet/wiki/x/ZoM4EgBhaQ.
NOTE: This is a good time to review your second factor devices to make sure you can login to your protected services remotely, see https://answers.fredonia.edu/x/iYM4. - Do not use your eServices credentials (email/password) for other non-work related services (e.g. Facebook, Dropbox, etc.).
...
- Use a Virtual Private Network to protect sensitive information. The University provides this service for all faculty and staff. To learn about Fredonia’s VPN service go to "Getting started with the Fredonia Virtual Private Network (VPN) Services" at https://answers.fredonia.edu/x/FwCk and https://answers.fredonia.edu/x/-oLeAg
- Avoid public Wi-Fi; if necessary, use personal hotspots or some way to encrypt your web connection. Only connect to trusted, private networks.
- Block the sight lines. If you are at a public place, pay attention to your sight lines. If someone is behind you, they can see everything you are typing.
...
Please contact the ITS Service Center through email at ITS.ServiceCenter@fredonia.edu, or by phone at (716) 673-3407 if you need any assistance or to report an information security incident.
...