Security Considerations for Remote Work

 

Unfortunately, during times of emergency or widespread change such as the COVID-19 epidemic, some try to exploit the fear and good intentions of others to personally benefit themselves. MSU provides tools and applications to assist in keeping our employees and data safe. 

Antivirus is a critical piece of software to have on any device. While it is already installed on MSU-owned computers, if you will be working from a personal device while away from the office make sure that it has up-to-date antivirus installed. If you don’t, MSU offers free McAfee antivirus for any personal computers that you own. To learn more and install McAfee on your personal device today, visit: http://www.montana.edu/uit/mcafee/

Be sure to never store University data on any personally owned computers. You will still be able to access Box and OneDrive from home as you would from work, and Opal and Knox will still be accessible while connected to the VPN. If you have any questions about the appropriate location in which to store your data, reference our Data Storage Security page here: http://www.montana.edu/uit/file-storage/security-grid.html#

Tips for identifying phishing emails include:

  • Be aware of any messages requesting personal information. A COVID-19 related email that indicates that you need to provide any of your own information, such as your SSN or login information is a scam. Never respond to an email with your personal data.
  • Check the sender’s email address and any links. You can inspect links by hovering your mouse over the URL to see where it leads. Be aware, however, that scammers will often try to create URLs that closely resemble legitimate URLs.
  • Watch for grammar and spelling mistakes. If an email contains spelling, punctuation, and/or grammar mistakes, it can be indicative of a phishing message that you should delete.
  • Be suspicious of claims of urgency. If an email insists that you need to take immediate action, it is likely that it is a scam. If you suspect that it might be legitimate and truly urgent, you should directly contact the organization that claims to have sent the message using contact information you get on your own, not from the email.

If you receive any messages that claim to come from government organizations or even from MSU that are unexpected, alarming, or ask you to download files or click on links, be extremely suspicious. Please do not hesitate to forward such messages to phishing@montana.edu so that we can help you determine their legitimacy. Some examples of COVID-19 related phishing scams are below:

Phishing Example - CDC FakePhishing Example - MemoPhishing Example - Safety alert

Click on an image to view as a slideshow.

 

Just because you aren’t at the office doesn’t mean that you won’t be able to use many MSU-provided tools. In fact, using personally owned or obtained software for MSU related business can violate terms of service or even put University data at risk. For a list of applications and resources, such as the Microsoft Office Suite and McAfee Antivirus, visit http://www.montana.edu/uit/facultystaff/index.html