Insecurely configured home routers can lead to eavesdropping and/or attackers gaining remote control of your home computing devices. Follow key and fundamental security safeguards such as changing the default router password and using Wi-Fi Protected Access 2 (WPA2).
Here are some guidelines to follow for working from home securely:
Insecurely configured home routers can lead to eavesdropping and/or attackers gaining remote control of your home computing devices. Follow key and fundamental security safeguards such as changing the default router password and using Wi-Fi Protected Access 2 (WPA2).
See the following guide for router/wifi security:
Router Security: How to Setup Wi-Fi Router Securely
2. Secure your home computers
Keep up-to-date with patches/fixes/updates (including security, operating system, and antivirus updates). Enable the computer's personal firewall and hard drive encryption. Use a strong/secure password that is unique and not shared.
3. Minimize information management risks
Do not save, store, or print University information locally (especially that which is personally identifying). That is, securely connecting to and using University resources remotely keeps University information on the University system. Examples of such University resources include UAlberta Google, faculty/department based file-shares, and enterprise systems such as PeopleSoft, EDRMS, SupplyNet and eClass. Use the University VPN where appropriate and necessary to securely connect to the University network.
If you absolutely need to save, store, or print University information at home in order to do your job, obtain approval from your Director/Chair beforehand, and agree on security safeguards around version control, information sharing/exchange, encryption, and retention/archive/disposal, among others.
The university has created these best practices to help address questions related to sharing information securely. You may have other requirements to consider as well, such as faculty or department policies and procedures, Research Ethics Board requirements, and external stakeholder stipulations.
Institutional data can generally be assigned to one of four categories:
More information can be found in the UAPPOL Institutional Data Management and Governance Procedure document.
It is recommended to avoid sharing extremely sensitive information (such as identifiable patient and health care information, social insurance numbers, and passport information) on any university system (including UAlberta G Suite). If there is a valid and approved business justification for doing so, such sharing may be acceptable provided it includes encryption of data at rest and other compensating controls.
Copyright © 2006 - 2024. All rights reserved. 4R Business Services Inc