Skip to main content
Northwestern University
left

Tool Tip #9: Cybersecurity at Home

Working in the office and working at home are two different kettles of fish (or phish!)—not only because the office has a professional atmosphere but also because your home has a couch, abundant snacks, and a dog or a cat to pet.

In the office, companies and institutions thoroughly protect networks and devices. At home, there are no system administrators (sysadmins) to set everything up in line with Northwestern IT (NUIT) standards. These days, if a confidential document is leaked from your home computer, the buck stops with you. 

Follow these eight simple tips, when working remotely, to act as your own sysadmin:

1 – Protect Northwestern devices, and personal devices, with an antivirus solution. 

Be sure your personal devices have a trusted antivirus solution installed. Weinberg IT has taken great measures to ensure your University-provided computer(s) have the necessary tools to prevent viruses and malicious attacks. When using personal devices at home, you may not be preventing viruses.

Northwestern University encourages staff, faculty, and even students to download and install an antivirus solution by starting with the Northwestern Antivirus Software page. 

2 – Update your applications and operating systems (OS) on Northwestern and personal devices.

New vulnerabilities are continually found in software applications and operating systems. Often cybercriminals rely on human laziness and hope that users won't update software or their OS.

Weinberg College IT relies on Dell KACE patch management tools to automatically update operating systems (Windows 10 and Mac OSX) and major applications (e.g., MS Office, Adobe Suite). For your personal devices, be sure to check how to update software.

3 – Configure Wi-Fi Encryption by requiring a password.

Protecting your computer won’t help if a cybercriminal connects to your Wi-Fi or manages to add an account in your internet router. Anyone with enough knowledge to break into your internet router would be able to intercept everything you transfer via your internet connection, email, passwords, and so on. It is imperative that you know how to configure your router and network connection properly.

If your Wi-Fi connection requires a password, then your connection is encrypted.

4 – Change your router login and password.

Every manufacturer configures their routers’ default settings differently, so make sure you read your user's manual to configure your internet router as optimally as possible.   

If you have never configured your router’s username and password, do so now. The manufacturer’s username and password are meant to be temporary; they are not only weak, but are also known across the internet and are easily searchable.

5 – Use the Northwestern virtual private network (VPN) on Northwestern and personal devices.

We’ve written extensively on the benefits of using a VPN while at home or elsewhere. Please make sure you are always connected to the Northwestern VPN when conducting official business and, ideally, connect to the NU VPN at all times. The VPN provides an extra layer of security to your internet connection.

6 – Lock your devices before walking away.

Even when you're working at home and outsiders have no access to your room, lock your computer screen when you are not using it. You wouldn’t want your child to send your colleagues a gibberish-laden email. Also, you wouldn’t want your cat to walk all over your keyboard and mail an unfinished email.   

Also make sure you are password protecting your computer login.

7 – Use University-supported services for email, messaging, document sharing, and all other professional communications.

All of Northwestern’s productivity tools are configured and managed with the best business and security practices in mind. IT departments are not responsible for access settings of other tools including, but not limited to, Google Drive, Gmail, or Dropbox.

When exchanging documents and other information over cloud services, it is best practice to use the tools provided by the University. You are less vulnerable to exploits, and the University has the appropriate access controls and data management to recover a file in case of a loss. 

8 – Stay vigilant: (a) be alert to phishing attempts, (b) avoid overexposure on social media, and (c) try to isolate work and personal life across devices.
 
A. Be Alert to Phishing Attempts

Be particularly suspicious of emails that include links. If an emailed link to a document does not point to a University resource, it is best to ignore it. Most importantly, do NOT enter your NetID credentials after selecting a link in an email. Instead, navigate to the website directly (box.northwestern.edu) and open the file on the Box site itself. If the email and file were a phishing attempt, you would not see the malicious file in your Box account. 

Phishing attempts may attempt to capitalize on fear related to the coronavirus, questions about isolation and its psychological impacts, or a desire for advice or health information. Scan such emails with a sharp eye and never open attachments unless they’re from a known, trusted source. 

We are likely to see an increase in Business Email Compromise (BEC) fraud. Northwestern is sending you many emails and missives concerning workflows, processes, or reassurances. Watch out for those disguising themselves as high-ranking employees and pay close attention to the actual email address of senders.

B. Avoid Overexposure on Social Media

Try to maintain typical behavior and routine: do you normally check social media on your phone only during lunchtime? Do the same now. Once again, watch out for scams and misinformation, as criminals love using this medium to ensnare their victims. 

C. Do Your Best to Isolate Work and Personal Life Across Devices

It’s easier said than done! Nonetheless, while working from home, it is just as important to have boundaries between work life and home life. Does your child turn in digital assignments from home? Are you ordering groceries and food online to avoid stores? Try to avoid such tasks on work devices and protect your digital home.

While it may seem difficult to switch between personal and professional laptops or smartphones, at a minimum, do your best to keep your primary work computer and your primary home computer separate (if you do have more than one such device). If you can do the same for your mobile devices, even better. The more programs and software you install, the more potential vulnerabilities you introduce. For example:

Tool Tip #10: Prevent Zoombombing

Back to top