When working remotely, you no longer have all the protections that are in place at the office to keep your data safe from the bad guys. The following ten easy steps can help mitigate this change to your security posture. We’d ask you please do the following:
1. Use OSU’s cloud and VPN services (for systems that require it) when working remotely.
2. Keep your Operating System current.
3. Be sure to use Anti-Virus and keep it up to date.
4. Turn on your Host-based Firewall.
5. Disable Auto Login.
6. Turn off File and Print Sharing.
7. Disable Remote Access and turn off any public folder.
8. Enable Disk Encryption—and be sure to write down that key—you may need it if there’s a problem with your computer later on.
9. Update your applications and remove those that can’t be. Use Auto-update settings if available.
10. Report any suspected data security incident, no matter how small. Including Phishing emails.
Need help with these? Below are instructions for Windows and MacOS. Feel free to contact the Service Desk or your IT group if you would like a technician to walk through any of these steps with you.
See the following Knowledge Base article for downloading and installing the Cisco AnyConnect VPN Client on your computer: https://oregonstate.teamdynamix.com/TDClient/1935/Portal/KB/ArticleDet?ID=51154
For a list of all the useful cloud services OSU offers as well as which services requrire VPN, head to the Keep Working site.
Note: The Current Version of Windows is Windows 10. If you are still using Windows 7 (or a previous version) it is no longer supported, and will not receive updates. Please upgrade to a current version.
To Keep Windows 10 up to date:
Windows 10 comes with Windows Defender built in, which is kept up to date automatically. To check the status of Windows Defender, or to update threat definitions manually:
If you have installed a third-party anti-virus solution, please follow the manufacturer’s instructions for performing updates.
Windows 10 enables the host-based firewall by default, but you should verify that it is on. To do so:
This one should be easy. If you are using an account with a password, auto login is disabled by default in Windows 10. If not, please set up passwords for all accounts on the computer.
If auto login continues after setting up passwords, please contact the OSU Service Desk for assistance.
Disk encryption, called Bitlocker, is available on Pro and Enterprise versions of Windows 10. If it is available, please enable it.
Sorry, this might be a bit painful, and sometimes varies from application to application. But please note that using Windows Update only updates Windows itself, not the applications installed. For those, you’ll have to explore each application you’ve installed to insure it is up-to-date. In general, “check for updates” is found under Help in the applications menu.
We recommend that you check for updates on all applications on a monthly basis.
If you are the victim of a security-related issue, please use the following form to report it to OIS.
Report an Incident
If you receive a phishing email and are using Outlook 2016:
If you are using the new web client, open a new message and simply click and drag the desired message from your inbox list into the body of the new email.
[Please note that we receive so many phishing emails that we are unable to reply to all who submit, but know that we act upon them, and that it is very helpful for us to receive them. Thanks!]
Be extra cautious with email while working remotely!
See the following Knowledge Base article for downloading and installing the Cisco AnyConnect VPN Client on your computer: https://oregonstate.teamdynamix.com/TDClient/1935/Portal/KB/ArticleDet?ID=51154
For a list of all the useful cloud services OSU offers as well as which services require VPN, head to the Keep Working site.
This depends on which Anti-Virus you have installed. The instructions below are for Avira, a free anti-virus client which is recommended by the OSU Service Desk. If you have a different software, please consult the manufacturer’s website for update instructions.
If you don’t have an Anti-Virus installed, please install one. Avira is available for free from https://www.avira.com/en/downloads
In MacOS Catalina this should be on by default, but please verify:
This is likely on by default, but to verify:
Disk encryption protects the contents of your hard drive if your computer is lost or stolen. Apple uses a built in disk encryption product called FileVault.
Sorry, this might be a bit painful, and sometimes varies from application to application.
For any application that was purchased and installed through the App Store, you can simply launch the App Store, click on the Updates icon and install all updates.
For other applications, you’ll need to open the application itself and find how to update it. This varies. For Microsoft Office, click on Help in the Menu Bar and click on Check for Updates. For the Chrome web browser, simply clicking on Chrome in the Menu bar and selecting About Chrome will prompt an update check.
Taking a few moments to explore the Menu bar while in an application, or searching the internet for instructions on updating a particular application is a good approach.
We recommend checking for and updating all applications on a monthly basis.
If you are the victim of a security-related issue, please use the following form to report it to OIS.
Report an Incident
If you receive a phishing email and are using Outlook 2016:
If you are using the new web client, open a new message and simply click and drag the desired message from your inbox list into the body of the new email.
[Please note that we receive so many phishing emails that we are unable to reply to all who submit, but know that we act upon them, and that it is very helpful for us to receive them. Thanks!]
Be extra cautious with email while working remotely!
https://uit.oregonstate.edu/ois
https://uit.oregonstate.edu/keep-working