Teleworking Security Guidelines
Remote Access to Emory Resources
Emory University faculty and staff can utilize Emory’s VPN to access Emory resources while off campus. If you are able to access all of the IT services that you need without using Emory’s VPN, then there is no reason to utilize it.
For Emory Healthcare personnel, the only permissible remote access connection for personally owned devices is to utilize the Virtual Desktop. Workforce members are required to log in through https://workspace.emory.org/
Remote Access Security
Personal equipment that is used to connect remotely to Emory networks should meet the following requirements:
- Equipment must have anti-virus software installed, and the anti-virus definition files and software must be kept up-to-date.
- Equipment must be kept up-to-date with the most recent security updates and patches.
- Users must ensure that a personal firewall is installed on their system. The firewall must be configured to block unsolicited inbound connections and must be running at all times.
- Users must not store ePHI or other confidential or restricted data types on personal systems. Personal systems that are used to process ePHI must comply with Emory’s HIPAA policies.
- Users must not disclose any of his or her Emory passwords to anyone, not even family members
Secure Storage
Emory provides OneDrive for secure file storage both on and off campus. Files should be saved in OneDrive or other approved secure storage locations rather than saving files directly to your computer.
Multi-Factor Authentication (Duo)
Duo helps protect your account by requiring you to verify your login attempts while working remotely. With Duo, an attacker who knows your username and password still won’t be able to login without your authorization. If you are not already enrolled in Duo, you may do so by visiting https://duo.emory.edu.
Anti-Virus Software
If you use an Emory owned and managed computer anti-virus software should already be installed. If it is not, please notify your local IT support organization. Below are suggested anti-virus products for personally owned devices.
Free: https://us.norton.com/products?inid=nortoncom_nav_products_homepage:home | For a fee: |
| https://www.malwarebytes.com/premium
|
Check with your Internet provider as some offer free virus protection software.
And remember: Always exercise caution when visiting websites and reading email. If you are suspicious of an attachment or link, do not open it.
Security Updates and Patches
Software updates are extremely important in keeping any device safe. New security flaws and vulnerabilities are constantly discovered, and the main way to defend against these issues is to install updates from the device manufacturer. If you use an Emory owned and managed computer, updates should be installed for you on a monthly basis. If you are using your own computer, you should ensure that it is updated regularly.
Windows users should turn on Windows Update and set it to download and install patches automatically.
For Mac OS X, patches are installed via the “Software Update” system preference, located under the Apple menu, and System Preferences.
Browser Security
Exploiting browser vulnerabilities has become a popular way to compromise computers.
Best Practices
- Do not use the "remember my password" function of a browser or website.
- Ensure the pop-up blocker in your browser is enabled.
- Install updates to your web browser when the browser prompts you to do so. Chrome, Firefox, and Edge will automatically update themselves. Internet Explorer and Safari will be updated when you install system updates.
Home WiFi Security
On your Wi-Fi router, consider these best practices for improving the security of your home wireless network.
- Use a network name that does not give away any personal information.
- Change the default password that comes on the router to a strong password or passphrase that is only shared with authorized users of your wireless network.
- Enable the most secure encryption on the router. WPA2 or WPA3 is the latest version of Wi-Fi protected access.