Teaching and Learning Securely from Home

Now that classes have been transitioned from in-person to online, there are a few things to be aware of in order to keep your information safe while teaching and learning remotely.

While we always try to stay secure, the current environment may call for a little extra effort. Securing ourselves while not on campus has some extra challenges, especially since there are additional threats to our information in the form of hackers trying to take advantage of insecure computing environments, and scam artists using real-world events to trick us into revealing personal or financial information.

First Things First

If you have a computer provided to you from your University, only use that device to access systems and applications used for teaching and learning, and don’t let other’s use it. If you are using a personally owned computer and you share it with others, encourage them to use safe practices, refrain from visiting questionable websites, downloading unsafe software, and otherwise being careless with security.

Start with A Clean System

If you are comfortable with and understand the process, now would be a good time to uninstall any unnecessary programs and applications. You don’t want to leave your system open to security holes that may exist in software that you don’t need.

Update your antivirus software and run a full scan to be sure your system is free from malware (malicious software). The computer provided by your Institution should have antivirus software installed, but if you are using a personally owned computer, you should make sure antivirus software is enabled or installed. Windows operating system has built-in antivirus that should be enabled, but there are many other effective antivirus programs that can be used on Windows, Linux, and Mac computers. Consult your local IT department for options.

Update, Update, Update

Take the time to check for and install the latest security updates for your computer. Turn on automatic updates if it is not already on.

The same should be done for your home wireless router. Update the wireless router firmware. If you received your wireless router from your ISP, consult them prior to updating the firmware. Here’s a guide to get you started: https://www.wikihow.com/Update-Router-Firmware

Home Network and General Security Practices

Be sure that your Wi-Fi requires a strong password to connect and you should enable encryption. You should also have a strong password for your router’s admin account. You may want to turn off the “Guest” Wi-Fi if you have it enabled.

Be on the alert for emails, attachments, texts, or phone calls directing you to click a link or respond with your personal information. There are many criminals currently using the COVID-19 virus concern to take advantage or panic you into giving up information that you normally wouldn’t. If you receive a suspicious email or communication, you can report it to your local IT department using the method they provided, or report it using the ‘Report Phishing’ button in your Outlook client (if available).

Multifactor (Two-factor) Authentication (MFA)

Many of the systems and services you use to interact, teach, and learn at the North Dakota University System are protected by Multifactor (two-factor) Authentication (MFA). For most student and faculty working remotely, the second factor will be your mobile phone. Something to always remember is never approve an authentication push, phone call, or SMS when you are not expecting one. If you see a Duo or other MFA request that you did not initiate, that could mean an attacker or unauthorized person has your password and the only thing keeping them from accessing your account is whether or not you approve. If this happens to you, use the Duo app or phone call to ‘report fraud’ and change your NDUS password immediately. Don’t fall for tricks like an email that states “This is your tech support. We are testing the system. Could you please approve the Duo prompt.” Don’t let the fact that you are working in different ways and may not have as much contact with tech support, administrators, helpdesk, etc. cause you to let your guard down.

Passwords

If you aren’t already, this is a good time to start using a password manager or vault. Password managers make it convenient to use and keep track of long passphrases and complex passwords instead of using simple passwords or the same password for many systems and accounts. Consult your local campus IT department for options.

The Usual Things

Everything that you normally need to do to be secure on your computer and mobile phone still applies. There are guides available from various sources to remind you what to do and what to look out for. You may find these guides extra helpful now that you are working remotely. Here are a few:

Working From Home Securely (SANS Institute)

22 Red Flags (KnowBe4)

20 Ways to Stop Mobile Attacks (KnowBe4)

5 Network Security Remedies for Telework (Center for Internet Security)