Working Securely from Home: 10 Actions to Take

When working remotely, you no longer have all the protections that are in place at the office to keep your data safe from the bad guys. The following ten easy steps can help mitigate this change to your security posture. We’d ask you please do the following:

1.    Use OSU’s cloud and VPN services (for systems that require it) when working remotely.
2.    Keep your Operating System current. 
3.    Be sure to use Anti-Virus and keep it up to date.
4.    Turn on your Host-based Firewall.
5.    Disable Auto Login.
6.    Turn off File and Print Sharing.
7.    Disable Remote Access and turn off any public folder.
8.    Enable Disk Encryption—and be sure to write down that key—you may need it if there’s a problem with your computer later on.
9.    Update your applications and remove those that can’t be. Use Auto-update settings if available.
10.  Report any suspected data security incident, no matter how small. Including Phishing emails.

Need help with these? Below are instructions for Windows and MacOS. Feel free to contact the Service Desk or your IT group if you would like a technician to walk through any of these steps with you.

 

Securing your Windows PC for remote work

1. Use OSU’s cloud and VPN services when working remotely

See the following Knowledge Base article for downloading and installing the Cisco AnyConnect VPN Client on your computer:  https://oregonstate.teamdynamix.com/TDClient/1935/Portal/KB/ArticleDet?ID=51154

For a list of all the useful cloud services OSU offers as well as which services requrire VPN, head to the Keep Working site.

2. Keep your Operating System current

Note: The Current Version of Windows is Windows 10. If you are still using Windows 7 (or a previous version) it is no longer supported, and will not receive updates. Please upgrade to a current version.

To Keep Windows 10 up to date:

  1. Click on the Windows Icon on the lower left-hand corner of the taskbar.
  2. In the “Type here to search” area, search for Windows Update
  3. Select “Check for updates”
  4. Follow the instructions on the screen. Repeat the above step until there are no more updates
3. Be sure to use Anti-Virus and keep it up to date

Windows 10 comes with Windows Defender built in, which is kept up to date automatically. To check the status of Windows Defender, or to update threat definitions manually:

  1. Click on the Windows Icon on the lower left-hand corner of the taskbar
  2. In the “Type here to search” area, search for Windows Security
  3. Select the Windows Security App
  4. Select Virus & threat protection from the left-hand column
  5. Scroll down to Virus & Threat protection updates, and click on Check for updates

If you have installed a third-party anti-virus solution, please follow the manufacturer’s instructions for performing updates.

4. Turn on your Host-based Firewall

Windows 10 enables the host-based firewall by default, but you should verify that it is on. To do so:

  1. Click on the Windows Icon on the lower left-hand corner of the taskbar
  2. In the “Type here to search” area, search for Windows Security
  3. Select the Windows Security App
  4. Select Firewall & network protection from the left-hand column
  5. Verify Domain, Private, and Public network firewalls are on. If not, click “Turn On” to enable the firewall
5. Disable Auto Login

This one should be easy. If you are using an account with a password, auto login is disabled by default in Windows 10. If not, please set up passwords for all accounts on the computer. 

If auto login continues after setting up passwords, please contact the OSU Service Desk for assistance.

6. Turn off File and Print Sharing
  1. Click on the Windows Icon on the lower left-hand corner of the taskbar
  2. In the “Type here to search” area, search for Control Panel
  3. Select Control Panel
  4. Select Change advanced sharing settings from the left hand column
  5. Under File and printer sharing, ensure “Turn off file and printer sharing” is selected
7. Disable Remote Access and turn off any public folder
  1. Click on the Windows Icon on the lower left-hand corner of the taskbar
  2. In the “Type here to search” area, search for remote settings
  3. Select Allow remote access to your computer
  4. Uncheck the “Allow Remote Assistance connections to this computer” box 
  5. Click Apply
8. Enable Disk Encryption—and be sure to write down that key—you may need it if there’s a problem with your computer later on

Disk encryption, called Bitlocker, is available on Pro and Enterprise versions of Windows 10. If it is available, please enable it.

  1. Sign into Windows with an administrator account
  2. Select the Start (windows) button in the far left-hand side of the task bar
  3. Select Settings (the gear-shaped icon) > Update and Security > Device encryption. (If Device encryption doesn’t appear, it isn’t available on your version of Windows.)
  4. Select Turn on if encryption is disabled
  5. Follow the instructions as they appear on screen
9. Update your applications and remove those that can’t be. Use Auto-update settings if available

Sorry, this might be a bit painful, and sometimes varies from application to application. But please note that using Windows Update only updates Windows itself, not the applications installed. For those, you’ll have to explore each application you’ve installed to insure it is up-to-date. In general, “check for updates” is found under Help in the applications menu. 

We recommend that you check for updates on all applications on a monthly basis.

10. Report any suspected data security incident, no matter how small (including Phishing emails)

If you are the victim of a security-related issue, please use the following form to report it to OIS.
Report an Incident

If you receive a phishing email and are using Outlook 2016:

  1. Select the email
  2. Click More near the top of the window and choose Forward as Attachment from the drop down window 
  3. Send to [email protected] 

If you are using the new web client, open a new message and simply click and drag the desired message from your inbox list into the body of the new email.

[Please note that we receive so many phishing emails that we are unable to reply to all who submit, but know that we act upon them, and that it is very helpful for us to receive them. Thanks!]

Be extra cautious with email while working remotely!

Securing your Mac for remote work

1. Use OSU’s cloud and VPN services when working remotely

See the following Knowledge Base article for downloading and installing the Cisco AnyConnect VPN Client on your computer:  https://oregonstate.teamdynamix.com/TDClient/1935/Portal/KB/ArticleDet?ID=51154

For a list of all the useful cloud services OSU offers as well as which services require VPN, head to the Keep Working site.

2. Keep your Operating System current
  1. Click on the Apple icon in the upper left-hand corner of the screen (far left of the menu bar.)
  2. Click on About this Mac
  3. Note—the current Mac Operating System is MacOS Catalina. If you have an earlier version, you can download and install Catalina from the App Store
  4. Click on the Software Update button and install all updates
3. Be sure to use Anti-Virus and keep it up to date

This depends on which Anti-Virus you have installed. The instructions below are for Avira, a free anti-virus client which is recommended by the OSU Service Desk. If you have a different software, please consult the manufacturer’s website for update instructions.

  1. Click on the Avira icon (an umbrella) on the menu bar on the top of the screen
  2. Select Update
  3. Click OK when the update completes

If you don’t have an Anti-Virus installed, please install one. Avira is available for free from https://www.avira.com/en/downloads

4. Turn on your Host-based Firewall

In MacOS Catalina this should be on by default, but please verify:

  1. Click on the Apple icon in the upper left-hand corner of the screen (far left of the menu bar.)
  2. Select System Preferences
  3. Select Security and Privacy
  4. Click on Firewall
  5. Make sure the Firewall is on. If not:
  6. Click on the lock icon on the bottom of the screen and enter your login information when prompted
  7. Turn the Firewall on, then select Firewall Options
  8. Select Block all incoming connections
5. Disable Auto Login

This is likely on by default, but to verify:

  1. Click on the Apple icon in the upper left-hand corner of the screen (far left of the menu bar.)
  2. Select System Preferences
  3. Select Users & Groups
  4. Select Login Options
  5. If Automatic login is On, click on the lock icon on the bottom of the screen and enter your login information when prompted
  6. Turn Automatic login to Off
6. Turn off File and Print Sharing
  1. Click on the Apple icon in the upper left-hand corner of the screen (far left of the menu bar.)
  2. Select System Preferences
  3. Select Sharing
  4. Uncheck all boxes on the left-hand column
7. Disable Remote Access and turn off any public folder
  1. Click on the Apple icon in the upper left-hand corner of the screen (far left of the menu bar.)
  2. Select System Preferences
  3. Select Sharing
  4. Uncheck all boxes on the left-hand column
8. Enable Disk Encryption—and be sure to write down that key—you may need it if there’s a problem with your computer later on

Disk encryption protects the contents of your hard drive if your computer is lost or stolen. Apple uses a built in disk encryption product called FileVault.

  1. Click on the Apple icon in the upper left-hand corner of the screen (far left of the menu bar.)
  2. Select System Preferences
  3. Select Security and Privacy
  4. Click on FileVault
  5. Make sure the FireVault is on. If not:
  6. Click on the lock icon on the bottom of the screen and enter your login information when prompted
  7. Click Turn On FileVault
  8. Follow the on-screen instructions to setup FileVault. If there are multiple users of the Mac, they will need to enter their login passwords
9. Update your applications and remove those that can’t be. Use Auto-update settings if available

Sorry, this might be a bit painful, and sometimes varies from application to application.

For any application that was purchased and installed through the App Store, you can simply launch the App Store, click on the Updates icon and install all updates.

For other applications, you’ll need to open the application itself and find how to update it. This varies. For Microsoft Office, click on Help in the Menu Bar and click on Check for Updates. For the Chrome web browser, simply clicking on Chrome in the Menu bar and selecting About Chrome will prompt an update check. 

Taking a few moments to explore the Menu bar while in an application, or searching the internet for instructions on updating a particular application is a good approach.

We recommend checking for and updating all applications on a monthly basis.

10. Report any suspected data security incident, no matter how small (including Phishing emails)

If you are the victim of a security-related issue, please use the following form to report it to OIS.
Report an Incident

If you receive a phishing email and are using Outlook 2016:

  1. Select the email
  2. Click More near the top of the window and choose Forward as Attachment from the drop down window 
  3. Send to [email protected] 

If you are using the new web client, open a new message and simply click and drag the desired message from your inbox list into the body of the new email.

[Please note that we receive so many phishing emails that we are unable to reply to all who submit, but know that we act upon them, and that it is very helpful for us to receive them. Thanks!]

Be extra cautious with email while working remotely!

For other security related information, you can always check our home page:

https://uit.oregonstate.edu/ois

 

For information on everything related to working remotely, check here:

https://uit.oregonstate.edu/keep-working