Working from home safely and securely
As many of us are now working from home, we must make sure that we can work remotely in a way that is safe and secure. Find out how to protect yourself, your account and your information.
We are seeing a rise in sophisticated attacks targeting the higher education sector, playing on the fear and uncertainty surrounding the coronavirus pandemic. One of our most important defences against attacks is ensuring we all have the skills and awareness to work safely.
In addition to the mandatory training, we now offer a short course on cyber safety that is regularly updated to include information about current threats and provides advice on how to stay safe from attackers.
We strongly recommend you take this course.
When working from home it may be tempting to save work onto your home computer. This puts that information at increased risk of malicious attack or accidental loss. University-provided IT systems and storage are all available remotely.
Protect your account
Your account is the key to your computer, your information and any University systems you have access to.
You can enrol in MFA and change your password, ideally in that order, via ‘Account Settings’ in MUSE.
Protect your computer
When you’re on campus using a computer managed by the University we can take care of many of the essential security measures on your behalf. When you’re using a computer at home then you must ensure it has the correct security in place.
The Information Security webpages provide further guidance.
Protect your privacy
On video calls, be mindful that your background may expose a variety of personal information about you and those around you. Photos, books and personal items on display in your home working setup may release personal or confidential information, such as your location or provide hints about your passwords.
While currently there is no option to hide your background when using Google Meet or Hangouts, take a commonsense approach and carefully consider what is on view when you are on camera or when you are sharing your screen. You may also wish to consider taking video calls in a room you use infrequently.
If you are using your personal mobile to make calls and want to hide your number, IT Services have included guidance in the telephony section of their working remotely guidance.
Using third-party tools
If you are using a tool that is not provided by the University then you are responsible for ensuring it meets security standards and complies with data protection law. Wherever possible use one of the services already provided by the University.
The IT Service Desk can advise further if required.
Using Zoom for University business
Zoom is an online virtual meeting and collaboration platform whose popularity has increased very rapidly as an easy to use tool to support remote working.
At present Zoom has not been proven to meet the University’s information security standards or comply with GDPR/DPA2018.
If you are using Zoom to support University business activities then you should stop doing so and use one of the alternative solutions provided by the University.
We’re endeavouring to provide as much support as possible so that all of our staff can continue to work remotely in a way that is safe and secure.
The Cyber Security Programme is a major project that will address critical cyber security risks facing the University.
The Programme was temporarily scaled back in March in response to the pandemic but will be restarting with a priority on supporting safe and secure remote working. In the coming weeks we will be sharing a self-service security health check that will guide you through each of the above measures alongside an option to request remote assistance if you encounter difficulties. We will be in touch when this service is available.