5 ways to be secure when working remotely
May 17, 2021
Jessica Murray
Share |
Cartoon of a tired-looking man in pajamas standing in the dark in front of shelves with a router on it. A young girl holding a flashlight says "Dad, standing guard over the router all night doesn't make our WiFi network more secure."
Cartoon: Phil Johnson

Working, teaching, and learning away from the MIT campus poses risks to securing information. IS&T recommends that community members follow these best practices when engaging in activities remotely to help reduce the chance of the information and data you handle at MIT being compromised.

1. Protect your devices

Make sure you work with your department’s IT staff to implement the recommended protections for the risk level of the MIT data you have on your device. The tasks for low risk information can take as little as 15 minutes to complete! We also highly recommend that you use an Institute-owned and managed device for your work at MIT.

2. Protect your information

When exchanging high risk (i.e. regulated, sensitive or personal) information over email (e.g. birth certificates, applications to open accounts or secure loans), make sure to protect your documents and information with encryption through the use of applications such as VeraCrypt or Crypomator.

3. Secure your home WiFi

Make sure your home router’s firmware is up-to date, that you have changed the default password to something strong, and that you have enabled WPA2 encryption for your home WiFi network.

4. Practice safe video conferencing

Use MIT-approved and licensed enterprise video conferencing tools, such as Zoom, Microsoft Teams, or Webex, which offer protections for your security and privacy, and follow suggested best security practices. Be aware of others in your household when using such tools, including digital assistants, to protect confidential or proprietary information. In addition, remember to lock your screen when not using your computer.

5. Be aware of phishing

There has been an uptick in malicious attacks to take advantage of the COVID-19 pandemic. Be wary, in particular, of phishing attacks that pretend to be from the IT department and also of scams that try to trick you into making donations to fraudulent organizations or causes or revealing sensitive information. Protect yourself and your information by using caution when opening emails and attachments.

Additional information and support

For more guidance on how to protect MIT information, see the newly developed Data Classification framework on the Institute’s Information Protection website, including how to protect high risk data as well as the minimum recommended actions to protect low risk information.

Additional secure computing tips are available on the IS&T website.

If you have questions about IT security, reach out to your local IT support or the IS&T Service Desk. To report an IT security threat or incident, contact the IS&T Security Team at security@mit.edu.