Security at Home

Working from home (WFH)

Advances in technology make it possible for us to work not just from our homes, but anywhere there is internet access. Therefore, it is essential to ensure that you maintain the same security regimes in your home and workplace.

Your work and home laptops and devices contain personal and sensitive information about you, your family, and your workplace that you would prefer to keep private. Some smart devices, including fridges, security systems, and media centres, require network access and an account. Here are some ways you can keep your information secure at home:

  • Secure passwords - set a strong password or passphrase and use multiple accounts when setting up online accounts, devices, and services
  • Screen lock - Set your computer to lock when idle
  • Encryption - keep any personal information stored on your computer encrypted
  • Back up your devices regularly
  • Software updates - set automatic updates to install and check application updates regularly (Adobe, steam, iTunes)
  • Firewalls - enable inbuilt operating system firewalls on your computer (important for devices that connect to public networks such as laptops and tablets)
  • Minimise Applications - uninstall and remove those applications you infrequently use
  • Plug-ins - uninstall web browser plugins and search bars

When working remotely, there are three rules:

1. Use Public Wi-Fi cautiously

  • Confirm the network is legitimate – be aware of rogue networks that use legitimate names for their connection to scam you
  • Use a VPN where possible –University employees have VPN access – ask IT if you need more information.
  • Only enter personal information on secure sites – If you must access password-protected sites (e.g., email accounts or social networks), only do that if the site offers an https:// option.
  • Avoid financial transactions
  • Don’t do anything private on a public computer
  • Ensure a password secures your home Wi-Fi.

2. Think before you download

More information about this below.

3. Restrict access to your work devices

Even though your workplace owns your work device, it is your responsibility to keep it secure.

  • Use a PIN or password
  • Lock your computer when it’s not in use
  • Do not leave it unattended in public places

Downloading material locally

Some items belong on your work devices, while others do not. When you download material to a device locally, the information can be accessed by anyone who uses or steals your device.

It’s also important to remember that employer devices —laptops, tablets, and mobile phones—are likely to provide access points to a corporate network, so maintaining the integrity of that access is critical.

Here are a few things to consider before downloading to a mobile networking device:

  • Some sensitive data should not be downloaded – Your employer’s data is valuable; in some cases, too valuable to leave the office. Please think twice before downloading confidential data and taking it home with you. There may be a better, more secure way to access the information remotely.
  • Don’t use file-sharing software – Third-party file-sharing software puts your data in someone else’s control. In addition, many audio and video files from file-sharing programs contain spyware or viruses. It’s best to use only company-approved methods for sharing files.
  • Keep personal applications on your personal computer – It can be easy to forget that your work devices don’t belong to you; they belong to your employer. With that in mind, your personal pursuits — games, web applications, and software — should be confined to your personal devices. This protects your employer’s network from any hidden threats, but it also protects you. If you change jobs or devices at some point, your personal data (e.g., user names and passwords) won’t be accessible to other users.

Shared Workstation

Anytime you leave your workstation, you should lock it using Windows Key + L. Leaving your workstation unlocked when you leave your desk can lead to someone using your account in unauthorised ways. This is even more pertinent if you share workstations in an office or home.

Unauthorised use can include:

  • Sending an email from your account
  • Copying, moving, or deleting files or folders
  • Accessing confidential information
  • Locking out your account
  • Downloading unapproved applications, links, images, or videos

It only takes a moment for information or data to be stolen or corrupted. All university devices are configured to require a password to access an account once locked. Locking your workstation does not shut down any programs or close any open files. Enter your password to pick up where you left off, knowing your workstation is secure.

Home Network Security

Does your home network require a password? If not, you are opening your network to scammers. Unfortunately, your internet router is the gateway to internet access for your home and is prone to attacks or unwanted access.

Risks include:

  • Theft of bandwidth
  • Access to your devices
  • Loss or unapproved use of private information
  • Use in criminal activity (illegal downloads, hacking)

Although tedious, taking care of cybersecurity at home is a necessary task. Protect all your networked devices; make some changes at home to secure your network.

Change the name of your default network (SSID) - this stops others from knowing what type of router you have and possible default settings and vulnerabilities that can help gain access.

Set a unique and robust passphrase to your router and networks - remove any pre-set passwords and set something at least 20 characters long. Make it easy to remember but hard for someone else to crack with numbers, characters, full stops, and spaces.

Activate network encryption - wireless networks come with multiple encryption languages (WEP, WPA, and WPA2). Speak with your ISP to confirm what language you should enable for your router.

Turn off wireless when you are not home - Disable your wireless network if it is not used for extended periods. You can also remove Ethernet cables from devices to prevent unwanted access while you are away. This also protects your router from power surges.

Keep your router in the middle of your house - this allows equal access to all rooms and prevents the signal from travelling too far outside. Try to avoid windows so nothing is blocking the signal and your network can't be accessed from outside.

Set a passphrase for your administrator account - remove the default administrator credentials. Most Wi-Fi routers come with default credentials such as “admin” and “password,” which are easy to break into.

Keep your router software up to date - this is not always automatic, so frequently check your administrator console for any new updates and security patches that may be applied to your device.

Try applying these advanced changes to your home network for advanced security.

Change your default IP address - this uncommon option will make it more difficult for hackers to track your network activity. Look up steps for your specific device or contact your ISP for further assistance.

Disable Remote Access - turn off remote access so cyber criminals cannot access your router’s privacy settings and connect to your home network. Make these changes by searching for remote access and following the steps for your device.

Add a firewall to your router - hardware firewalls add an extra layer of security. Some routers have firewalls already installed. Check your device online to see if you can enable this feature on your device.

Back to IT@ND: CyberSecurity