Office of the Chief Information Security Officer

April 3, 2020

Security Tips for Remote Work

Use Sophos Antivirus for Personal Devices

And other considerations in the world of working remotely

The news related to the COVID-19 pandemic, and the stay-at-home measures that have been enacted in response to it, have spawned new opportunities for various types of scams. This is a critical time to take steps to secure your computers, devices, collaboration platforms, and home networks.

It is also important to stay aware of phishing campaigns and other scams that target new remote working conditions and current news stories. For instance, scammers are already leveraging news about stimulus checks to try to trick people into giving up personal and banking information via emails, texts, and phone calls in which they impersonate IRS and other government officials.


Best Practices

Consider the following tips to secure your home computing environment and your communications, and to prevent cyberthieves and other scammers from getting access to your personal and UW data:

  1. Use antivirus software and keep it updated. Sophos Anti-Virus is available, free of charge, to all members of the UW community for home and University devices.
  2. Enable the firewall on your devices. Default firewall settings are acceptable for Macs and Windows machines, but verify that they are turned on.
  3. Use a strong password for users to connect to home routers, and always change the default administrator password. Use separate passwords for user and administrator access. Disable remote administrative access if that feature exists for your home router.
  4. Make sure operating systems on your computers and devices, including  anything that is connected to the Internet, are updated to a supported version and patched with security updates. See the Update and Patch Risk Advisory for more information.
  5. Use Husky OnNet VPN service to connect to University systems.
  6. Check out other tips, tools, and resources on IT Connect’s Working Remotely page and on the Working Remotely Risk Advisory on the Office of the CISO site.
  7. Don’t allow family members, friends, and roommates to use computers and devices that you use to access UW data and information systems.
  8. Zoom, along with other collaboration tools for online classes and meetings, introduces a complex set of risks and threats to personal and UW institutional information. Enhance security and avoid risks such as “Zoombombing” by adjusting the settings when you set up meetings, classes, and conferences. Also use the controls that are available when the session is live. More information can be found on IT Connect.
  9. Report lost or stolen devices that contain UW information, as well as phishing scams, to help@uw.edu.
  10. Report scams that target the UW specifically to security@uw.edu.

Resources

Sophos Anti-Virus software for UW and personal computers

IRS issues warning about Coronavirus-related scams

Update and Patch Risk Advisory

Passwords Online Training 

How to Change Your WiFI Networks Name and Password

Husky OnNet VPN

Protect your Zoom meeting space and class sessions