Working, teaching, and learning away from the MIT campus poses new risks to securing information. IS&T recommends that community members follow these best practices when engaging in activities remotely to help reduce the chance of the information and data you handle at MIT being compromised.
1. Protect your devices
Make sure your devices are running newer operating systems supported by the vendor (e.g., Windows 10, macOS Mojave 10.14, or newer) and that all updates have been applied. Also ensure that software applications are up-to-date; enabling automatic updates is recommended. Install and maintain anti-virus software (yes, even for Macs) and back up your information regularly.
2. Protect your information
When exchanging high risk (i.e. sensitive or personal) information over email (e.g. birth certificates, applications to open accounts or secure loans), make sure to protect your documents and information with encryption through the use of applications such as VeraCrypt or Crypomator.
3. Secure your home WiFi
Make sure your home router’s firmware is up-to date, that you have changed the default password to something strong, and that you have enabled WPA2 encryption for your home WiFi network.
4. Practice safe video conferencing
Use MIT-approved and licensed enterprise video conferencing tools, such as Zoom, Microsoft Teams, or Webex, which offer protections for your security and privacy, and follow suggested best security practices. Be aware of others in your household when using such tools, including digital assistants, to protect confidential or proprietary information. In addition, remember to lock your screen when not using your computer.
5. Be aware of COVID-19 related scams
There has been an uptick in malicious attacks to take advantage of the COVID-19 pandemic. Be wary, in particular, of phishing attacks and also of scams that try to trick you into making donations to fraudulent organizations or causes or revealing sensitive information. Protect yourself and your information by using caution when opening emails and attachments.
Additional information and support
For more guidance on how to protect MIT information, see the newly developed Data Classification framework on the Institute’s Information Protection website, including how to protect high risk data as well as the minimum recommended actions to protect low risk information.
Additional secure computing tips are available on the IS&T website.