Photo of a laptop with video conference on screen and a coffee mug in the foreground
Even if you're accustomed to learning and working online, now's a good time to review the best steps you can take to keep your information and devices safe.
Monday, November 9, 2020 - 5:06pm

By now, students, faculty, and staff have (mostly) adapted to online classes and remote work.

But as the University of Iowa prepares to finish the semester from a distance, it’s a good time to review what you can do to study and work safely online, on campus or off.

The following tips will help you keep your information secure and private when working at home or any other location.

1. Beware of phishing and suspicious links

Email security systems prevent many email phishing attacks from reaching UI inboxes. Nevertheless, remain alert for email messages that ask for passwords or personal information, point to strange websites, or just seem suspicious.

Cyber-crooks have developed scams that take advantage of the COVID-19 pandemic—don’t let your guard down. Report phishing scams to ITS.

Avoid suspect web links wherever you encounter them—email, social media, or other websites. UI security systems that guard against sites known to be harmful won’t necessarily protect you at home, so use extra caution.

2. Keep your devices up to date

Make sure to install updates to system software and applications—they frequently include security patches. It’s easy to ignore update notices but doing so leaves your devices and data vulnerable.

  • If you use UI-owned and managed devices: For faculty and staff, using a university-managed computer for work is the most-secure option. ITS will apply operating system and application updates regularly. Make sure you restart computers and other devices on a weekly or monthly basis—some updates require restart to install.
  • If you use your own devices: If you're an employee who uses your own devices for any work-related tasks, it’s essential to keep them secure. Check for updates regularly and follow up on update notifications. Get basic instructions for updating PCs, Macs, and other devices on the university's remote-work website.

3. Use antivirus software

All computers are susceptible to viruses, spyware, and malware. Antivirus software can prevent infection by destructive or intrusive programs.

ITS recommends free antivirus software for PCs, Macs, and Linux computers. Review the options and determine what best meets your needs. Once you’ve installed an antivirus application, run it daily to scan for abnormal activity or malicious files.

4. Avoid unsecured networks

Unsecured public Wi-Fi networks (at a libraries or coffee shops, for example) leave your online activity exposed. Avoid these networks unless you’re using a secured VPN or remote desktop connection.

At home, make sure your Wi-Fi network is secure with a strong password (see below) and WPA2 encryption.

5. Use Two-Step Login and push notifications

The university requires Two-Step Login for access to online tools like MyUI, ICON, and Employee Self Service. The system prevents unauthorized users from accessing your information using stolen HawkIDs and passwords.

Push notifications to the Duo Mobile app are the fastest, easiest, and most reliable way to complete your two-step logins. If you use other methods like phone calls or texts, take a few minutes and switch to push.

6. Follow good password practices

Use strong passwords, change them regularly, and follow other proven password practices:

  • Use complex, unique passwords that combine 9-15 numbers, lowercase and capital letters, and special characters.
  • Don’t recycle or use variations on the same password.
  • Don’t use the same passwords for both personal and work/school accounts.
  • Change your passwords every few months.

Consider using password management software to generate and keep track of strong passwords.

7. Protect your workspace

Take care of your devices, physical documents, and other items that may contain private information, especially if you use a shared or public workspace:

  • Shield screens and documents from prying eyes.
  • Use headphones when participating to private discussions. Be careful about what you say and consider who might be listening.
  • Avoid printing sensitive documents at home or in public places (e.g., libraries).
  • Enable device passwords (or fingerprint/face scans) and logout or shut down when you’re not using devices.
  • Protect devices from theft (for example, don’t leave them in your car).
  • Secure everything when you need to step away from your workspace.

8. Handle confidential data responsibly

Take extra care with confidential information, especially protected student or patient records and research data. It’s your responsibility to safeguard this info wherever you are. Don’t save it to personal devices, especially those you share with other people. Never write it down on paper.

Review remote-work guidance from the IT Security and Policy office for additional details. Also see information security guidelines for researchers.

If you work with research data from home, be sure to utilize the UI storage solution appropriate for the data by classification (find more info on classifying data).