Best Practices for Secure Remote Computing

• All UB Policies and standards apply regarding UB and UB data, regardless of work location. 
  • UB and departmental policies can be accessed from the UB website:  http://www.buffalo.edu/administrative-services/policy1/ub-policy-lib.html
  • UBIT policies are here:  http://www.buffalo.edu/ubit/policies.html   The policies of most relevance when working from home are (but are not limited to):
    • Computer and Network Use Policy
    • Data Risk Classification Policy
    • Protection of University Data Policy
    • UBIT Password Policy
    • Remote Access to Administrative Systems and Data Policy
  • UB Minimum Standards for desktops, mobile and other endpoint devices are here: http://www.buffalo.edu/ubit/policies/guidance-documents/desktops-laptops-mobile.html
• You are responsible for knowing and meeting policy requirements regardless of work location.

It is strongly recommended that a UB-owned computer and UB resources be used for all UB-related work.   If you must use a personally-owned computer it is strongly recommend that you follow the UB Minimum Security Standards for Desktops, Laptops, Mobile, and Other Endpoint Devices.

• Only use supported and current operating systems to conduct UB business. (i.e. Windows 8 and up/High Sierra and up)
• Enable all automatic patching and updates and ensure that the system contains up-to-date software. You can access updates in the Control Panel (PC) or System Preferences (Mac). Be sure to update both your operating system and your applications!
• Use an up-to-date anti-virus and firewall client - UB offers Symantec Endpoint Protection for free: http://www.buffalo.edu/ubit/service-guides/software/downloading/windows-software/managing-your-software/symantec-endpoint-anti-virus-firewall.html
• Make sure your computer is password-protected with a strong password required at start-up and login.
• Enable the password-protected screen saver to ensure that your personal computer is password protected when you’re not using it. You do not want a family member inadvertently deleting or changing information.
• Don’t save things to your personal machine or on any shared media – be sure to use UBBox
• Remember not to send Restricted Data (Category I) in email
• Limit downloading of games or other non-essential apps, which are often a source of infection/compromise
• Be cognizant of what’s around you and may be in view of a webcam or mic

Do not leave your computer unattended in public spaces, including within your home.

·       Ensure all devices on your home network are patched

·       Disable all internet sharing and IoT or smart-device controlling software when connected to UB

·       Router updates

o   Many routers have had firmware updates to address security issues. https://www.howtogeek.com/205299/how-to-ensure-your-home-router-has-the-latest-security-updates/ provides information on updating your router

• Secure Wi-Fi
  • Secure your Wi-Fi connection at home 
    • Minimally: change the administrative password for the router from the default to something more secure
    • Make sure the firewall is enabled on your router
    • Use WPA2 password protected encryption where possible, which is the generally accepted security standard. Older networks may be encrypted with WEP encryption, which has significant security weaknesses. Most modern operating systems will warn you when connecting to a network like this.
    • Additional suggestions for how to secure your home network can be found here: https://heimdalsecurity.com/blog/home-wireless-network-security/

• Report any university-owned stolen equipment immediately

·       Be vigilant. Attackers always take advantage of chaos to launch phishing and social engineering attacks. Be especially alert for phishing attacks masquerading as communications around COVID-19.

·       Expect phishing attempts where attackers try to masquerade as UB leaders. More about that here: http://www.buffalo.edu/ubit/news/article.host.html/content/shared/www/ubit/news/2018/business-email-compromise-scam-ub-employee-impersonation.detail.html

·       Report phishing to abuse@buffalo.edu using these instructions: http://www.buffalo.edu/ubit/service-guides/safe-computing/report-phishing-attempt.html

·       Be vigilant. Attackers always take advantage of chaos to launch phishing and social engineering attacks. Be especially alert for phishing attacks masquerading as communications around COVID-19.

·       Expect phishing attempts where attackers try to masquerade as UB leaders. More about that here: http://www.buffalo.edu/ubit/news/article.host.html/content/shared/www/ubit/news/2018/business-email-compromise-scam-ub-employee-impersonation.detail.html

·       Report phishing to abuse@buffalo.edu using these instructions: http://www.buffalo.edu/ubit/service-guides/safe-computing/report-phishing-attempt.html