IT Guide: Working Off Campus (Home or Traveling)

Summary

This article acts as an IT guide for working off campus and contains information about protecting your passwords and data when doing so.

 

Content

There are a variety of reasons that might necessitate having university employee work from an off-campus location using a non-university computer. University owned computers are configured by ET&S to provide a standard level of security for the data stored on them (hard drive encryption, anti-virus/antimalware, and patched/updated); however, ET&S cannot make the same level of assurance for personally owned machines. As a result, anyone using a personally owned machine to perform university work must take reasonable precautions to prevent accidental data loss.  The CyberSecurity Remote Access Security Standard, found on the USNH Cybersecurity Policies & Standards page, applies whenever accessing USNH resources from off-campus.

The most important thing to remember about working from off-campus is that if you are working with sensitive and confidential information: (i.e. financial records, student data, SSNs, etc) that data needs to be protected in the same way that university property would be protected. For example, if you were driving a university vehicle, you wouldn't just leave the keys in the car in the middle of a parking lot and walk away nor would you leave your university issued laptop, unattended on a park bench.

Risk of data exposure or password compromise increases when you use campus services, or work with university data, off campus.

  • The networks you use are not controlled by your campus and may be more open and vulnerable to attack.
  • A computer and its data are at greater risk of theft when traveling.
  • You may not have up-to-date software and full protection when using a computer that's not your own.

This section spells out specific risks and steps you can take to protect your passwords and data while working off campus.

 

Working at Home

University data stored on a computer you use at home, whether the computer is owned by you or the university, is subject to the same policies as data located on campus. Per USNH Cybersecurity Policy, you are the custodian responsible for all university data on any computer you use. It is your responsibility to know what types of university data you have on your computer at home and to take steps to protect it as outlined here and elsewhere in the Cybersecurity Policies and Standards.  In particular, see the Remote Access Security Standard.

USE A SEPARATE LOGIN ACCOUNT
If other members of your household use the same computer, create a separate login account for your school work and data, with a strong password that only you know. Using a separate login ensures other users on your computer cannot view or access your school documents.

ENCRYPT ALL CONFIDENTIAL DATA
If you have confidential data on a computer that is located at home, or that comes home with you, that data must be encrypted. Check with the Technology Help Desk to find out what encryption solutions are used in your department.

CONNECT TO CAMPUS WITH THE VIRTUAL PRIVATE NETWORK
Connecting to your campus network from home increases the risk of data exposure or password compromise because you have to use networks that are not controlled by your school. To minimize these risks, you should use the campus Virtual Private Network (VPN) when working with sensitive university data. This will ensure that everything you do is encrypted as it goes over the network. The VPN protects your data from electronic eavesdropping. To connect to some department and central resources from off campus, you may be required to use VPN.

SECURE YOUR HOME WIRELESS NETWORK
Home wireless networks are easy to set up and extremely convenient to use. However, an insecure wireless environment poses several risks that need to be addressed:

  • Anyone near your home can use your Internet connection.
  • Anyone near your home may be able to access your computer.
  • Anything sent over the wireless connection could be stolen.

The manuals that came with your wireless router should provide detailed information on how to secure your home wireless network. If you no longer have the manual, use the brand name and model type to search for an electronic copy online.

KEEP YOUR COMPUTER SECURE
Most of the things discussed in this guide apply to your home computers in addition to your work computers. A very common problem with home computers is having out-of-date operating systems and browsers, as well as not having activated current firewall and antivirus software. Take the time to install one of your campuses recommended antivirus solutions, on your home computer.

 

Away from Home and Work

As you prepare to travel, consider where you are going, and what you will be doing while you are there. Ask yourself if there is risk involved with bringing certain types of data along. Take an inventory of the information on your computer, and parse out those things you must have while traveling. If there is any confidential data, it must be encrypted. You might want to consider moving some of the data on your computer to another location temporarily. Before you leave, make sure there is a backup of your system in case the computer you travel with is lost or stolen.

The following precautions should be taken when traveling to help keep your data safe and secure.

CONNECT TO CAMPUS WITH VPN
When you are off campus, using the VPN provides two important benefits. First, the connection is secure and encrypted. That means that no one can intercept and read the information you are accessing or sending. The second benefit is that some university resources like department file-shares, library journals, and certain web sites only are available to people on campus. The VPN provides a way of allowing access to these resources from off-campus. Working on your laptop while traveling increases the risk of data exposure or password compromise. This is particularly true when using open wired or wireless networks at hotels, airports, and other public places.

To minimize these risks, you should use the campus Virtual Private Network (VPN) when working with sensitive data. This will ensure that everything you do is encrypted as it goes over the network. VPN protects your data from electronic eavesdropping. To connect to some department and central resources from off campus, you may be required to use your campus VPN.

BEWARE OF INSECURE NETWORKS

I just quickly checked my email. Is it safe?

Time isn't a factor you only need to type your password, credit card number, or other information once on a compromised computer or network for it to be stolen. Treat wireless connections in Internet cafes, hotels, airport lounges, conference facilities, and other public places with extreme caution, because you don't know how safely the network has been configured or who is using it.

The campus Virtual Private Network (VPN) only protects your connections back to campus, so if you are connecting to sites that aren't connected to your school, like your bank, consider whether you trust that the person or institution providing the network access has adequately addressed security.

KEEP YOUR LAPTOP WITH YOU AS MUCH AS POSSIBLE

  • When flying, store your laptop in a carry-on bag. Don't check it with your luggage.
  • If you leave your laptop at the hotel, lock it in a safe.
  • Don't leave your laptop in your car.
  • When in a public environment, always keep your laptop with you.
  • Travel with a laptop security cable to lock your laptop to a table or chair when you are using it in a public space.

BRING ALONG A LAPTOP WITHOUT ALL YOUR DATA ON IT
When traveling, if feasible, bring along a laptop that doesn't have all your data on it. Contact your department head to find out if they keep spare laptops on hand for this purpose.

BACK UP YOUR DATA BEFORE YOU LEAVE
If you have to travel with a computer that has your data on it, make sure the data is backed up before you leave. If you lose the computer, this will make it easier for you to recover your data. Backing up regularly not only protects you against losing all your work, but if your computer is lost or stolen, having the backed-up data on hand makes it possible to determine what, if any, sensitive data may be at risk.

Some people transport their work from campus to their home by storing documents on USB drives. An unprotected USB drive is a major risk if it contains university data. The solution to this problem is encrypting the USB drive so that if it is lost, no one can read the information stored on the drive without the encryption password.

CONSIDER ENCRYPTING THE ENTIRE HARD DISK
If any confidential data is stored on the computer, it must be encrypted. Additionally, if you travel with your computer, it's a very good idea to encrypt the entire hard disk. A benefit of encrypting the entire hard disk is that all of the data on your computer is protected if your computer is lost or stolen, so you don't have to worry about what to encrypt and what not to encrypt.

 

Accessing Your School's Services from Other Computers

When you are using a computer that isn't yours, whether it is a public kiosk computer or belongs to someone you know, the risk of data theft is higher.

Consider what data you may be placing at risk when using a computer that can't be trusted, and do not access confidential data from an untrusted computer.

PUBLIC COMPUTER KIOSKS SHOULD NOT BE TRUSTED
Always question the security of both the computer and the network. There are many unknowns when using a public computer:

  • How is the computer maintained? Is the software up to date? Have steps been taken to ensure the computer is secure?
  • Hotels, convention centers, airports, and the like generally outsource technical support services, so you are gambling on the integrity of both the institution's staff and the company providing the service.
  • Who has been on the computer? Have malicious programs been installed? Is someone watching your network traffic?

When you are on a computer you don't own, a keylogger could be recording everything you type. This means you may unknowingly expose your passwords and other information could be stolen even if you are sending them via a secure (https) web session. They will be captured before they go out over the network.

GOOD PRACTICES WHEN SURFING THE WEB FROM A COMPUTER YOU DON'T TRUST
Avoid using your username and password, and if possible don't access online business or banking services. If you must do either, follow these steps as soon as you have finished.

  • In the browser, clear the cookies, cache, and history before you quit.
  • Exit or quit the browser when you are finished.
  • Change your school username and password when you are working at a trusted computer again.

 

Further Readings

USNH Online Policy Manual > USY.VIII. Cybersecurity Policies and Standards 

USNH Online Policy Manual > USY.VIII.C. Information Classification Policy - regarding Sensitive and Confidential Information

USNH Cybersecurity Policies & Standards 

USNH Cybersecurity Policies & Standards > Remote Access Security Standard 

 

Need additional help?

Visit the Technology Help Desk Support page to locate your local campus contact information or to submit an online technology support request.  For password issues you must call or visit the Help Desk in person.