Please note that the guides below are intended for protecting the privacy of your personal device/s and data at home. For guidelines on protecting the security and confidentiality of university information when working at home, please see Top 10 data security considerations when working remotely
The following guidelines are designed to help you protect your personal computer, personal information, and privacy. Today’s high-speed and “always connected” personal devices are quite vulnerable to Internet attacks. In addition to the value of personal information stored on them, or accessible from them, personal devices can be used as pivot points to campus systems (example) if they not properly secured and managed.
Consider the following:
Configuring and managing your system
- Keep your software programs and operating system regularly updated. Vendors provide web sites where you can go and download software updates and install them. The older your software is, the more likely security vulnerabilities have been found and exploited by hackers.
- Install and schedule regular anti-virus software scans.
- Ensure the system firewall is enabled.
- If file and print sharing is needed, allow access only to authorized users. Review these options in the device's network settings.
- If the personal computer is “always-on”, disable file and print sharing and be sure to turn off all unneeded network services (programs). Familiarize yourself with the services you have configured on your computer.
- Maintain regular data backups and consider employing a file encryption program if highly confidential (e.g., tax files, brokerage or mutual fund accounts/files, bank files, credit card accounts) data is stored on the device. Other options are to keep sensitive files in a nondescript or hidden location, backed up to the cloud or on a portable storage device (USB drive).
- Investigate your workstation configuration & disk drives on a regular basis, to look for suspicious files, programs, or drastic changes in free space on disk. Organize your files and directory structure, so you can recognize changes in your files and directories.
- Protect against power surges with a surge protector, and against power loss with a UPS (un-interruptible power supply).
- Secure Your Wireless Network, wireless networks are not as secure as the traditional "wired" networks, but you can minimize the risk on your wireless network by enabling encryption, changing the default password, changing the Service Set Identifier (SSID) name (which is the name of your network) as well as turning off SSID broadcasting and using the MAC filtering feature, which allows you to designate and restrict which computers can connect to your wireless network.
- Securely purge the device of all confidential data before discarding by erasing or wiping the device.
Configuring and managing your computer and online habits
- Ensure that you have adequate backups of your files. Copy them to a CD/DVD, or to a USB drive backup, and store them in a secure location. Pay particular attention to making backups of your personal data files and custom configuration files on a regular basis.
- If you are working from home accessing and using Personally Identifiable Information (PII) or any other sensitive data, do so via the University’s (Virtual Private Network) VPN service – UI Anywhere, installed locally on your computer to securely access UI information resources through your computer desktop at work.
- NEVER give your password, account numbers, or other sensitive personal information (name, address, phone), or your Internet Address or machine name, out in an e-mail message, newsgroup posting, or in a chat session. Your information can easily be intercepted, forwarded, or redirected without your knowledge, and you really have no way of knowing who is listening in a chat room or reading newsgroup postings.
- NEVER give away sensitive or private personal information on a web page until you trust the company hosting it. Build trust by reviewing the company’s privacy and security policies on their web site, and by insisting on a secure connection (look for the closed lock or a key in the lower corner of your browser window). Know what their policies are regarding reuse, sharing or selling your personal information.
- Never execute or click on a program (e.g., an ".exe") file if you do not know what it is/does, or if you do not trust the source. This is particularly the case for file attachments that are sent to you via e-mail, or are downloaded from a web site that you do not trust.
- Consider clearing your web browser’s cache storage file after visiting web sites where you entered sensitive information, such as a credit card number, or a bank or brokerage account and password, as this information is often stored in your browser too. (Do you select “remember this password” for ease of use in your browser?) If your machine is broken into, account information in your cache files could be used for fraudulent activity or identity theft.