Body
The following three "work from home" scenarios and security levels have been identified by UWSP's Information Security Office:
- Scenario 1: You use your UWSP computer at home (MOST SECURE).
- Scenario 2: You use Remote Desktop to sign into your UWSP computer (LESS SECURE).
- Scenario 3: You work directly from a personal computer (LEAST SECURE).
When working from home you should follow the Security Procedures For All Scenarios plus the security procedures that follow for your specific scenario.
When working from home, it is important that you adhere to all security procedures for your scenario.
Work From Home Security Procedures
Applies to all "Work from home" scenarios with UWSP-owned and personal devices.
When working from home, all UWSP employees and affiliates should take the following security precautions while using a UWSP-owned or personal device, and in their work area. In addition, you must also follow the security procedures for your specific scenario. The scenarios and their security procedures follow this list.
-
Lock your computer any time you step away.
-
Keep your MFA devices (phone, fobs) easily accessible. Ignore/Decline MFA prompts that display for no reason. You should only accept MFA prompts that are expected, like when accessing university resources. Inform the IT Service Desk as soon as possible if MFA devices are lost/stolen, or if you have concerns about suspicious activity.
-
Keep all paperwork secure when not in use. A locked drawer is preferable. If that is not an option, keep paperwork in a file cabinet or box out of plain sight.
-
Do not use your personal email to conduct business.
-
Do not save university data to your personal device, computer, or flash drives.
-
Do not save work files to third-party cloud storage (Dropbox, Google Drive, etc)
-
Do not email files containing sensitive data as attachments. Attachments are easily forwarded with no tracking mechanism. Instead, when sharing files or collaborating on documents with co-workers, share links to your files.
-
If you suspect an email did not come from the sender in the From line do not reply to the original email. Instead, open a new email and add the sender's email address from Outlook's address book or from your contacts. If you have questions about a sender's legitimacy, contact the IT Service Desk.
You must additionally follow the security procedures for your specific scenario:
In addition to following the above Security Procedures For All Scenarios, if you are using a UWSP computer at your home, you should ensure that it always receives the most current security updates from IT. Watch UWSP Campus Announcements to learn when scheduled security patches and updates are available, and also if emergency patches become available outside of the normal schedule.
To manually install these updates
Scheduled IT security patches and updates are available to manually install starting on Thursday afternoons and can occasionally take up to an hour to complete. You should restart your computer after running these installs.
Allow updates to install automatically
Scheduled patches if not previously installed will install automatically the following Monday after 1 AM or the next time the computer is turned on.
To automatically receive these patches when scheduled:
-
Leave your UWSP computer turned on Sundays overnight and any other times when Campus Announcements alerts you to scheduled patches that can automatically run.
-
Make sure the UWSP computer does not fall into sleep mode by adjusting power settings and laptop lid settings.
-
Leave the UWSP computer plugged into power.
If you are unable to bring your work computer home, you can maintain the next most secure work environment by using Windows Remote Desktop or Apple Screen Share for Macs to securely connect your personal computer to your assigned UWSP computer.
The personal computer must have:
-
A supported operating system. A "supported" operating system means that it receives regular security patches and updates from the company.
-
Supported PC operating system: Windows 11 (Windows 10, 8, 7, or XP are no longer supported).
-
Supported Mac operating systems: UWSP Information Technology supports the three latest MacOS versions. See Apple Support's MacOS page.
-
Up-to-date antivirus.
-
Firewall protection: Your internet connection should have a firewall or you should enable the firewall that comes with your computer. Your firewall should block all incoming connections by default.
-
You must additionally adhere to the above Security Procedures For All Scenarios.
Be aware that doing your UWSP work directly from a personal computer will open this personal computer up to
Open Records requests should an Open Records request be made.
If you still choose to do your work for UWSP from a personal computer without using a secure remote connection to your UWSP computer, you must:
Additionally, you should take the following security measures:
-
Connect through UWSP's VPN (Virtual Private Networking) which adds a layer of encryption between your computer and the network.
-
DO NOT share the computer where you do your university work. Spyware and other malware can easily install from predatory websites, email attachments, or software downloads for games or other activities.
If you have no alternative to sharing the computer or workspace with others, you must create and use separate local accounts for you and for others using the computer. This minimizes the potential of your UWSP work being corrupted or compromised.
Create separate local accounts on:
- Windows 11 (See Switch user on this page)
- Mac (See how to Switch quickly between users)
-
DO NOT work under your computer's administrator account - especially on shared computers! An administrator account gives spyware the easiest access to install and capture sensitive data, or allow malware in general to compromise and even take control of your computer.
Contact the IT Service Desk for additional help!