Studying Remotely: How to be Safe, Secure, and Successful
Whether you’re studying on campus or remotely, the principles of cybersecurity can become something of a moving target. Reducing risk on at-home networks, keeping information secure during virtual meetings and having a strong password are some best practices that can be implemented quickly and effectively from wherever you are working.
Reducing Risk on Home Networks
Home IT devices, such as unsecured off-site routers, modems, and other network devices are subject to many of the same threats as on-site business devices. They can be attacked from any device on the internet. Remote devices are also vulnerable to unauthorized access from neighbors and passersby.
As we continue to work, attend school, and connect with friends and family remotely, there are steps you can take to reduce the risk and improve the security of home networks. Consider the following list to gauge the amount of risk involved and improve the security of your home network:
- Are your network devices physically secured?
- Have you changed the default administrative account password on your network devices (modem and router)? Many routers come preconfigured with a generic password from the manufacturer that ls easily accessible on the internet, making it extremely important to change the administrative passwords instead of using the default.
- Do you have a unique password and multifactor authentication (requiring a secure code received via text to login) enabled on your network devices (modem and router) and your internet service provider’s web portal? Is the same true if you use a mobile application for network management?
- Have you installed the latest updates for your network devices (i.e., modem, router, laptop/PC) or have you enabled auto-update with the device’s administration page?
- Does your network device (modem and router) support Wi-Fi Protected Access Version 2 (WPA2) or Wi-Fi Protected Access Version 3 (WPA3) encryption? WPA2 should be the minimum level in use.
- Have you turned off/disabled Wireless Protected Setup (WPS) and Universal Plug and Play (UPnP) on your network? If enabled, these might allow attackers to connect to your devices without permission.
- Have you changed the Wi-Fi network name to something unique that doesn’t provide any identifying information?
- Have you enabled the firewall on your network devices?
- Have you disabled remote management? Most routers offer the option to view and modify their settings over the internet. Turn this feature off to guard against unauthorized individuals accessing and changing your router’s configuration.
- Have you hardened your device by disabling ports, software or services that are unused or unnecessary?
- Do you run updated anti-virus and malware protection software on your device?
Security during virtual meetings
If you intend to use Zoom to meet with classmates to facilitate study groups, work on group projects or any other reason, you’ll want to use best practices. This does not apply to classes that are part of your degree or certificate program. Those meetings are configured with industry standard best practices.
Scheduling meetings
- While using the Personal Meeting ID is useful when scheduling meetings, it is not advisable to use this feature if you are sharing the link with a wide audience or the public. Instead, select to generate the meeting ID automatically. A unique meeting ID expires after 30 days and protects your Personal Meeting ID from being known if the link is shared accidentally to a public audience.
- Require Meeting Passcode: Create a unique password comprised of upper, lower case, numbers, and special characters for each meeting. Passwords should not be shared outside of intended participants.
- Do not allow attendees to “Join Before Host.”
- Consider using the waiting room feature to control entry.
- Enable “Only authenticated users can join meetings.” You may further restrict to only PCHS users.
In-meeting features and sharing information assets during virtual meetings
- Mute all: as the host, you can mute all participants in the “Participants” window. You can also stop participants from unmuting themselves and ask participants to redirect questions or input to the Chat window.
- Lock Meeting: You can prevent anyone new from joining the meeting by “closing the door.” This is done in the bottom-right of the participants window.
- Set screen sharing to host only: in the Advanced Sharing Options window, you can change settings to prevent others from Sharing. As the host, you can still grant individuals the ability to share in the Participants window if necessary.
- Before sharing your screen, close unused windows to ensure you do not share sensitive or confidential information.
- Allow participants to chat with host only: In the chat window, you can lock down the chat settings for your participants if desired.
- Disable annotation: Prevent participants from annotating the screen during your screen share by clicking on the More button inside a Zoom meeting and selecting “Disable participants annotation.”
Managing your information assets and password policy
- Use your organization’s provided services and devices.
- Do not record the meeting unless it is necessary and be aware that others may be able to record the meeting.
- Sensitive information should not be recorded, typed into a meeting description, or any other text field that may be stored within Zoom. It is not permitted to record any meetings with personal health information (PHI).
- Enable recording disclaimer so an audio notification advises attendees that the meeting is being recorded.
- Record the active speaker with the Speaker View, and not the Gallery view of all participants.
- Spotlight Video by right-clicking on the participant you want to lock the video to and uncheck “Display participants” so you do not record any of the participants’ names.
Have you identified more risk than you initially realized? More information and mitigation techniques can be found at Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA).
Remember, just like you protect your physical assets (shed, kayak, or bike) with a padlock, you need to lock down connectivity devices to protect information assets!