Maintaining Security When Working or Learning From Home
While putting materials online, it is important to remember maintaining the security of our environment and data is very important. SUNY Cortland has negotiated various contracts with vendors, when doing so we include specific language to protect student privacy and your intellectual rights. In particular, any software which collects data and involves students must adhere to FERPA regulations. When looking to meet with our students over video, we have several offerings such as WebEx and Microsoft Teams. Any software outside of these does not contain language to protect our students nor your intellectual property. For instance, in using a tool like Google Hangouts or Zoom, we can not guarantee those entities would not use your material for promotion or share them with other users of the system without your consent. Please be careful when agreeing to any terms of service, as you may be giving away rights you did not intend to. If you need assistance please contact the the Technology Help Center.
Important Notices
A popular social media trend is posting pictures of your home office setup. We are warning our employees of the dangers of displaying PII on home screens to unauthorized individuals. Feel free to steal/improve the below language for your own use:
For employees working at home, it is important that you take steps to keep sensitive Cortland data safe:
- If you take a photo of your office home setup for any reason, be certain that you do not have screens open with PII information on the,
- While working at home, be aware that your work location and screen could expose members of your household to Personal, Private, or Sensitive Information. You need to be certain that no one except for authorized Cortland personnel has access to or can view this data.
Best Practices
Watch out for email phishing: Cybercriminals use phishing to entice users to share data and login credentials, typically through an email, instant message or text message. While IT security measures can help, phishing defense starts with the employees. Employees should be trained to look out for unusual emails with misspelled email addresses, fishy-looking links or strange requests.
Create strong passwords: Excellent passwords are the first line of defense. It’s also a necessary security precaution many employees fail to take. Don’t rely on simple passwords (looking at you “password123”) that are easily hacked.
Never leave your bag, briefcase or laptop unattended: It seems obvious but cannot be overstated (remember the Apple employee that left the not-yet-released iPhone at a bar?). While leaving your laptop might not make headlines, it can compromise data and cause serious security headaches.
Use caution with wireless networks: Working from a coffee shop or hotel? Use caution when using public wireless networks. Unsecured networks make it easier for cybercriminals to access emails and passwords.
Keep your work separate: Nearly one-third of users use their company computer for personal use. It not only affects productivity but invites security threats. Your company laptop should only be used by you and keep personal tasks off your business laptop.