03/25/20 - IT Security Tips for Working Remotely
KU offers many services that make it possible to work remotely and access the KU resources you need from anywhere in the world. Working off campus comes with its own set of security challenges. The following resources can help improve your security and protect the KU data you're responsible for.
There are numerous policies, procedures, guides and standards pertaining to information technology at KU. As a KU employee, you are required to know and follow these policies while working on campus or off campus. See IT Policies for a complete list of the technology-related policies at KU. All University information technology policies and related documentation are also available via the KU Policy Library.
The best and most secure option is to use a KU-managed laptop or workstation rather than your personal computer equipment. If you do not have a KU-managed machine that can be connected at home, talk with your department’s technology support team to see if another option is available.
If you must use your personal computer:
- Important: Work-related files saved to your personal computer will be subject to the Kansas Open Records Act just as they would be if saved to your office computer.
- Use a supported operating system (Windows | Mac) that is set up to receive automatic security updates from the vendor.
- Check to make sure your computer is up to date. (Windows | Mac)
- Make sure you have installed an antivirus program and it is supported and receiving updates.
- Windows Defender is acceptable for Windows 8.1 and newer machines. KU installs Sophos on KU-managed workstations.
- Macs can and do get malware. MacOS users should choose and install an antivirus product.
- Protect your computer and mobile devices with a password. If your computer is shared with others in your household, you should set up a separate account for KU work with a password known only by you.
- If your personal laptop you are using for KU work is lost or stolen, notify the IT Security Office immediately (785-864-8080 | firstname.lastname@example.org) and file a police report with your local police department). You should be prepared to describe the kinds of KU data you were storing on the computer.
Make sure your home network is secure and provides connection speeds necessary to support your work.
- We recommend you have an internet plan that provides 15 mbps download and 5 mbps upload to prevent common connectivity-related issues. At a minimum your internet plan should provide 5 mbps download and 1 mbps upload.
- During the coronavirus (COVID-19) outbreak, some internet providers are offering free connections or upgraded service.
- Important: Make sure your home network is password protected. Change the default password on your router and any other equipment.
Work with your departmental technology support staff in advance to make sure you can connect to your files, folders and needed services on the KU network.
KU Anywhere VPN
Use the KU Anywhere VPN (virtual private network) to securely connect to KU servers and other resources, including your group storage and/or personal drive.
- KU Anywhere VPN (Cisco AnyConnect Secure Mobility Software) should already be installed on all KU-managed computers. For your personal computer, you can download and install the KU VPN software on KU IT’s VPN service page.
- Only connect to the KU Anywhere VPN when actively accessing files or services. Disconnect after use.
- If you are required to use Duo multi-factor authentication on campus, you will need to use it when logging in to the KU Anywhere VPN. For the secondary password, enter the six-digit Duo code using the Duo mobile app or token device, or enter the word “push” to receive a notification in the Duo mobile app.
Accessing Files and Folders
- Make sure your computer is set up with the file path to shared department and personal drives and any specialized websites. Your technology support staff can help with mapping drives.
- Consider moving some or all of your shared work files to an Office 365 SharePoint site or to Microsoft Teams to access them without mapping your drives or connecting to the VPN.
- Consider moving your personal files to OneDrive for Business (personal cloud storage) in Office 365 to access them without mapping your drives or connecting to the VPN.
- Important: With the exception of FERPA data, most data classified as "Level 1 - Confidential Information" by the KU Data Classification & Handling Policy cannot be stored on KU group file storage or personal file storage.
Be prepared in case you can’t access online technology support information by saving a hard copy of contact information for your departmental technology support staff and the KU IT Customer Service Center. Call the IT Customer Service Center for password reset 24/7.
- Find contact information for your departmental technology support staff at tsc.ku.edu.
- IT Customer Service Center: 785-864-8080 | email@example.com
When you're working remotely but not at home, free wireless internet (Wi-Fi) and computers can be tempting. However, connecting to public or "open" Wi-Fi networks and using public computers are big security risks.
If you can avoid it, don't ever connect to public Wi-Fi. If you must use public Wi-Fi, follow these best practices and tips can help to improve your security:
- Don’t transmit or download confidential or sensitive data while on public Wi-Fi, such as student record information.
- Don't download or install software or apps while on public Wi-Fi. Restrict software and app downloads, updates and installs to the times when you're on a secure network.
- A common strategy by criminals is to broadcast free and open Wi-Fi. Always verify the name of the public Wi-Fi network before connecting. Look for a Wi-Fi info sign or ask someone who works there to be sure you're connecting to their public network.
- Use eduroam, if available. You can log in to eduroam with your KU Online ID and password at many institutions around the globe to access their secured Wi-Fi network.
- Consider using a pay-as-you-go or contract service personal Wi-Fi hotspot, or set up a hotspot using your smartphone.
Never conduct KU business on public computers at airports, hotel business centers, libraries, internet cafes, etc. There are numerous security risks with public computers, antivirus might not be installed, software and operating system might not be updated, and previous users may have compromised the computer by downloading malware or by connecting a malicious device.
Learn more about IT security while traveling.
All KU-owned laptops should already have whole disk encryption. If you will be taking a KU-owned desktop computer home for working remotely, please contact your departmental technology staff to have it encrypted. Whole disk encryption doesn’t affect the computer’s performance, but will help prevent unauthorized access to the computer and stored data.
Video conferencing through Skype, Zoom or Microsoft Teams is your lifeline to colleagues, students and others. Video provides more engagement and increases productivity by allowing participants to read body language and facial expressions, share their screens and simultaneously text chat during the call. However, follow these tips to reduce certain security and privacy risks with video:
- Keep your computer’s camera covered when you’re not actively using it.
- Make sure there isn’t anything private or inappropriate in the background behind you.
- If sharing your screen, make sure participants can’t see private or confidential data. Close all other applications, including email, before sharing your screen.
- Don’t post meeting links on publicly available websites, such as an online syllabus. Post meeting links in Blackboard or send through email, Blackboard email or in an Outlook invitation.
- Lock down your meetings. Follow the steps in this Knowledge Base article control who can join your meeting and what they can share.
- Always double check your microphone and screen sharing settings. If you are a meeting host, you can easily choose to mute microphones and disable screen sharing to make your meeting more secure. Review this Zoom help article for more information on meeting settings.
- Whether at home or in public, be aware of who is around you and what they can hear. Take steps to ensure privacy.
Whether at home or in public protect your computer and what you’re doing on it.
- Lock your workstation when you step away from it—every time—especially in public.
- Be aware of who is around you, and what they can see. Don’t let people “shoulder surf” and view your screen. Consider a privacy filter for your monitor that will limit the viewable angle.
- Maintain physical control of your laptop if you use it outside of your home. Do not leave your computer unattended, even if it's "only for a minute."
- Store your laptop and bags out of sight in your vehicle, preferably in the trunk.