Safe in Any Place: Remote Cybersecurity | Information Technology | University of Pittsburgh
!

Search form

You are here

Home » Blogs » KJB136's blog

Safe in Any Place: Remote Cybersecurity

Tuesday, February 1, 2022 - 22:41

For many of us, working from home seems here to stay. In September 2021, 45% of full-time employees in the U.S. worked remotely, even though most workplaces had re-opened. At Pitt, many faculty and staff have transitioned to part-time or full-time remote work arrangements, and many students are prioritizing jobs that will allow them to work from home in some capacity.

You may have done some rearranging of your home, perhaps gone shopping for a new desk or chair, and even updated your router while settling in to this new normal. But how much effort have you put into IT security? Working off-site requires special planning and precautions that may not be obvious at first glance. Here are 5 things to consider:

1. Create a Private Space

It’s important to find a comfortable, practical location in your home where you can work undisturbed and be productive. But don’t forget about privacy. If you don’t live alone, it’s important to ensure that confidential work materials will not be seen by your roommates, partner, children, or visitors.

People tend to think that friends or family wouldn’t do anything improper, so it doesn’t matter if they could see their work materials. But people can accidentally share or misuse information, not to mention spill on, move, or lose your papers. Most importantly, it can violate the law to not secure the data or propriety work, regardless of whether it is improperly used.

It’s best to have a dedicated work area with a door and a lockable filing cabinet or container, especially if you deal with information that needs to be kept confidential, such as identifiable personal information, study data, or financial records. Clearly identify things that others should not touch. Use headphones so others cannot overhear your private or confidential conversations. Be especially conscious of privacy when working in a public place or while people are in your home.

2. Segregate Your Devices

An important part of establishing your work-from-home routine is setting boundaries for what you use your work device for and what you use your personal device for. It may be tempting, but do not use a work device for personal computing, and don’t use personal devices for work. Don’t let others (e.g., your kids or roommates) use your work computer—they may connect to an unsafe site or accidentally delete or expose your files.

A whole host of security risks are introduced when casual personal computing mingles with work activities. Many social sites have security vulnerabilities that are easier to exploit than professional systems. But if a cybercriminal gets access to a personal device that then connects to the professional network, the entire system can be affected.

3. Treat Your Workspace Like Your Workplace

Beware of home hazards in your workspace. Keep food and drink away from your computer to avoid accidental spills or crumbs in your keyboard. Keep an eye on your pets around your tech. As much as our furry companions make working from home amazing, it’s no fun when your cat walks across your keyboard and sends an accidental email or your puppy uses your mouse as a chew toy.

In addition, keep your desktop (physical and digital) clean and organized, so you can control who sees what. Keep confidential papers and files off your desk and home page.

4. Step Out, Log Out

When you step away from your device, it’s important to secure your accounts and your device. This applies whether you’re taking a Netflix lunch break, getting a refill at the Starbucks counter, making a snack in the kitchen, or just taking a bathroom break.

Lock your device whenever you step away from it, even if it’s just for a minute. In Windows, press (Windows Logo)-L; on a Mac, press Ctrl-Cmd (⌘)-Q to lock your screen. This will bring up the login screen you get when you first power on or you’ve been inactive for several minutes.

Be sure to log out of any accounts or systems when you are done using them. At the end of the day, power down your device – many security updates are only applied when the system is shutting down or starting up.

5. Secure Your Connection

If you haven’t bothered to put a password on your home internet service, time to create one. Not only will you stop neighbors from stealing your Wi-Fi and slowing down your service, it’s also an important security measure.

When you are doing confidential work or accessing a restricted system from home, use a VPN to ensure extra security on your connection. PittNet VPN (GlobalProtect) lets students, faculty, and staff connect to restricted University resources while on and off campus, and is required to connect remotely to your office computer or for accessing departmental databases and servers that reside behind network firewalls. PittNet VPN (PulseSecure) is also available to use. If you are working in a public place with free Wi-Fi, use the VPN while doing anything on your work device, regardless of whether the work itself involves confidential or protected data.

And it goes without saying that if you are working in a public place, like a café or Hillman Library, never leave your device or work materials unattended, even just for a minute.

Stay Cybersafe

Working from home can be awesome, but it requires you to take charge of your digital security. So take a little time to learn about cyber-risks and what you can do to keep yourself safe online. Take a look at the Workstation Security Standards for Remote Work website. Then, browse other Panther Bytes blogs; there are articles on everything from phishing to password protection. If you have any trouble with your tech, just ask for help! Contact the Technology Help Desk via phone, live chat, online form, or email.

Pitt students at Pitt Hackathon

EMAIL AND ACCOUNT SECURITY

Keep Your Accounts, Yours

The Account Administration service enables the University to manage its account services in an effort to securely verify and protect its identity with tools, such as Multifactor Authentication and Federated Authorization Process (Student Mart Access).

Those who utilize our Pitt Email (Outlook) service are also provided with access to select services to securely manage email communications with Advanced Threat Protection and Enterprise Spam and Virus Filter Service with Exchange Online Protection (EOP).

IT GOVERNANCE

Practice Good Governance with Our Guidance

Pitt IT regularly updates its security knowledge base with the latest governance standards, while also ensuring the University’s safety against external attacks and internal accidents with industry-leading security methods and best-practices. Request guidance or support from Pitt IT or learn more with the resources below.

Contact Us

IT Governance and Regulatory Compliance

Maintain compliance with applicable laws and regulations for restricted data (e.g., DFARS/CMMC, FERPA, GDPR/PIPL, GLBA, HIPAA, NIST 800-171, PCI)

Data Classification & Compliance

Protect the privacy of students, alumni, faculty, and staff through precautions and data classifications measures that guard against unauthorized access.

Governance & Policy Security Guides

Maintain safety practices around policies and standards with our easy-to-follow guides — developed and maintained for accuracy by Pitt IT Security and organized below.

GOVERNANCE GUIDES

google drive icon
Google Drive Security Guide
microsoft outlook icon
Microsoft Outlook Email Encryption Guide
microsoft teams icon
Microsoft Teams Security Guide
microsoft onedrive icon
OneDrive Security Guide
qualtrics icon
Qualtrics Security Guide
microsoft sharepoint icon
Sharepoint Security Guide
workstation icon
Workstation Standards Guide
zoom icon
Zoom Security Guide
DocuSign logo
eSignature Sevice (DocuSign) Security Guide
pitt individuals working on computers

IT POLICIES AND PROCEDURES

Master University Guidelines

Pitt IT has partnered with University communities to establish security policies that help protect computers and information from security threats — such as viruses, Trojan horses, hackers, and other forms of cybercrime.

Review these policies to help your department protect its data, while also adhering to state and federal regulations regarding technology.

View IT Policies & Information

IT SECURITY AUDIT SUPPORT

Manage Security Audits with Our Help

Pitt IT Security is available to assist departments and schools in all IT security audit needs — including regulatory requests. Contact us for expert guidance in managing and executing audit processes through risk identification, evaluation, and mitigation.

Contact Us

IT Audit Guidance

Request risk-based security audits from Pitt IT Security to determine if your University data is adequately protected. Assistance is also offered in cases where departments are requested to perform and report internal IT audits.

IT Risk Management

Improve your departmental risk identification, evaluation, and mitigation capabilities by working with Pitt IT Security to identify risks, assess any potential impacts, and lessen risks by implimenting mitigation controls.

IT Contract & Agreement Review Service

Review contracts and agreements with our guidance to determine if your department and the University can meet contractually obligated data-security requirements.

AUDIT & RISK RESOURCES

document safety icon
dbGaP (Database of Genotype and Phenotype) Reviews
e-business security icon
E-Business Solution Risk Assessments
it security icon
General Security Risk Assessments and Consultations
personal online safety icon
Institutional Review Board (IRB) Risk and Research Assessment
vulnerability security icon
Security Vulnerability Assessment
System security icon
System Security Plan Development
vendor security icon
Third-party Vendor Risk Assessments

THREAT AND INCIDENT MANAGEMENT

Identify Risks Before They Become Threats

Pitt IT Security can help you identify potential threats before they become issues for your department. Are you concerned that your data has already been compromised? Pitt IT Security will help you assess the situation, manage the incident, and respond to University stakeholders and legal partners.

Learn More

IT SECURITY ARCHITECTURE AND ENGINEERING

Build a Security Strategy that Fits Your Needs

Security architecture can help you design and document key elements of your overall security program, which ensures that your department and users can understand and utilize methods for creating safe, collaborative digital environments. Pitt IT Security will work closely with you to create a well-defined strategy that fits your needs and uses industry-leading best practices to enable your department’s security and success.

Learn More

Strategy and Design

Plan and create your IT environment with security as a top priority.

Security Tooling

Implement the proper tools and security measures for your needs.

Solution Engineering

Design and develop secure solutions that fit your unique work processes and data needs.