4 Cybersecurity Tips for Safe Remote Work

---

Highlights | Stay connected, safely

• If you take work with you while traveling — logging in to online services, using email or working remotely — there are steps you need to take to protect your data.
• Be sure to secure your device, watch where you click, use strong and unique passwords, and confirm a safe connection when traveling.
• UW Medicine Information Security Services is here to help.

---

Ah, the open road. There is nothing so enriching or relaxing as some time away from home at a novel destination or a familiar refuge.

These days many people choose to stay connected while traveling. That means logging in to online services, email and sometimes even working remotely. Stay safe while remote by practicing good cybersecurity habits.

Remote safety: secure your device

When traveling, you probably use a laptop, tablet or smartphone to access your digital life. Make sure your device has all the right security features enabled for remote safety.

Software patches are important because they contain fixes for any security bugs that might exist on your device. Resist the urge to put off that update indefinitely. Take a break and grab a coffee while your device is doing its thing.

While traveling, you are likely to have limited time and connectivity. Save yourself some stress by installing updates before you leave town.

Tips to know:

• Enable automatic updates for all your software and devices.
• Don’t delay updates. They contain important security patches.
• Use antivirus software and keep it up to date.
• Encrypt your device and put a password on it.
• When you’re on the go, devices can be lost, stolen or broken.
  • Back up all your files to a safe location.
  • Don’t leave devices in cars or other insecure locations.
  • Consider using a cable lock if you use a laptop while traveling.
• Bring your own charger brick instead of relying on someone else’s.
• Don’t store confidential work information on your personal device.

Watch where you click, especially when working remotely

Think about each email that you receive. Who is it from? It may be from a manager, co-worker or a website you are signed up for. How do you identify the sender? Do you look at the “From” line, an avatar in your email client, or maybe the signature line of the email?

Scammers often abuse your trust in email. They use fake email addresses, fake signatures, familiar-looking icons and other tricks to fool the recipient.

While you’re remote, protect yourself from phishing, viruses, malware and other scams. When you receive a link over email, make sure it brings you to a legitimate website. If you receive a link or attachment you aren’t sure about, check with the sender to make sure it came from a trusted source.

For high-value tasks such as bank transfers or large purchases, have a rock-solid communication plan in place with stakeholders before you travel.

Tips to know:

• Before clicking a link in an email, hover over it to see the URL.
• If you aren’t sure about an email, take steps to validate its authenticity:
  • Give the sender a call or a text using a known, good phone number.
  • Or leverage your company’s instant messaging service.
  • Navigate to an official website instead of clicking a link.
• Do not open attachments from untrusted sources.
• If you get a request for money or gift cards, stop and think before you act. This is a common scam.
• If an email isn’t legit, delete it!

Related read: Phishing At UW

Use strong (and unique) passwords for safe remote access

Passwords are the keys that get you into all your online services. When you work from a remote location or travel away from home, you rely on passwords to access your emails, documents, messages, social media and more.

Avoid reusing passwords when signing up for hotel services, tour programs or any other online account. When a password is reused, it’s easier for attackers to get into your data.

It can be difficult to remember a huge number of different passwords. A password manager is a tool that securely manages all your passwords for you — a must-have for the modern digital nomad.

Tips to know:

• Use a different password for each online service.
• Consider a password manager to help keep track of passwords and store them safely.
• Be careful with your work-related accounts.
  • Nobody should ever ask for your work password over the telephone or via email. If you get such a request, it’s a scam.
• Strong passwords contain a mix of lowercase letters, uppercase letters, numbers and symbols.

Related read: Best Practices For Password Usage

Connect securely while traveling

When you access data over the web, you may be connecting to a service that is located hundreds or even thousands of miles away. You can use an array of modern security features to help protect your data from any prying eyes on the network.

Encryption makes it impossible for an attacker to view or modify data while it is in transit. When a website has the “lock” icon, you can be confident that is uses strong encryption. When connecting to resources for work, make sure you use a virtual private network (VPN) connection. This adds a layer of security to your internet connection.

Tips to know:

• When browsing the Web, look for the “lock” icon to ensure the connection is secure.
• Before entering a password, check the URL to make sure you are on the right website.
• Use a VPN connection for work-related activities.
• Prefer secure networks, such as your work Wi-Fi or your mobile data connection, over the less secure networks at restaurants and hotels.
• Enable two-factor authentication (2FA) on your accounts. This simply means you verify your identity multiple ways before getting access.

Resources

• UW Medicine Information Security Services
• Protecting Patients: Security & Compliance Guidance For Teleworking (login required)
• UW Medicine Phishing And Spam Email Guidance (login required)
• Phishing Examples
• UW Medicine Duo 2FA
• To report a cybersecurity event, email UW Medicine Help Desk at mcsos@uw.edu.