Work At Home Security

General guidance for University employees, including USA Health workforce members, engaging in at-home work, whether using University-provided or personally owned devices. 

This guidance establishes a baseline of recommended security practices for University employees engaging in at-home work. It should be used in conjunction with other directions or policies which may govern your specific data and does not supersede any policies which stipulate additional requirements or higher levels of security. 

Review Information Security’s “COVID-19 Information Security Advisory”  https://www.southalabama.edu/departments/csc/informationsecurity/covid19securitythreats.html

As an overview, we recommend the SANS Institute “Top 5 Steps to Work from Home” https://www.southalabama.edu/departments/csc/informationsecurity/workathome/resources/sans-top5stepstosecurelyworkfromhome.pdf

We further recommend the following: 

1. Do not use unsecured public wireless networks for University business
   
   

2. Protect your Computer from cyberthreats

   • Turn on automatic updates for the operating system.

   • If your individual programs allow, turn on automatic updates for them

   • Ensure you have current, updated Anti-Virus software

   • Update the browser and keep it updated. Most browsers allow you to check that by clicking on “Help” and then “About”

   • Turn on the operating system firewall.Windows 10 Users: https://learn.microsoft.com/en-us/services-hub/unified/health/remediation-steps-ad/ensure-the-windows-firewall-service-is-started-and-configured-for-auto-start

   • If you feel technically proficient to do so, set up a separate, non-administrative, user account and use that routinely instead of a privileged administrator account.
     
     

3. Protect your home network

   We recommend that you review the Center for Internet Security’s “Telework and Small Office Network Security Guide”  https://www.southalabama.edu/departments/csc/informationsecurity/workathome/resources/cis-controls-teleworksecurityguide.pdf 

   Among its key recommendations for your network router: 

   • Change the default admin password

   • Configure router for auto-updates.

   • Ensure you require a password to access your wireless network. 

   • Configure router to use WPA2 or WPA3 authentication. If not available, consider purchasing a new router.  Recommend NOT to use WEP.
     
     

4. Protect University Assets when working at home

   • Under no circumstances allow family members or other individuals to use a University-owned computer when at your home.

   • Do not engage in recreational web use on your University computer.  Remember that you are outside the protections of the University networks.

   • Do not allow family members to use your personally owned computer while you have active VPN or other sessions accessing University resources. 

   • If possible, have separate logins so family members will not inadvertently access University resources.

   • Disable the "listening" features of AI devices such as Amazon Echo©, Google Nest©, Apple Home© when conducting University business by phone or video-conference.

5. Protect your JagMail/JagNet access

   We highly recommend that you configure 2-step Verification for your University @southalabama.edu or @jagmail.southalabama.edu email account. 

   This not only adds an important layer of security to your account, it also reduces the likelihood that Google’s very strong access controls will falsely decide you are an intruder and block your access.

   University guidance:  https://www.southalabama.edu/services/jagnet/twofactor.html