Telecommuting, Mobile and Travel Safety Guidance
Telecommuting, Mobile, and Travel: Technical Security Tips
ASU’s community is increasingly global and mobile. Now as more of us are temporarily working from home more than ever before, here are some tips to help ensure we protect ASU’s information assets as well as our technology infrastructure.
Security 101 - The Basics
Using ASU issued electronic devices helps ensure that appropriate security measures are in place
Ensure all of your devices are current on software patches and set to auto-update
Remove unnecessary sensitive data from your electronic devices, phone and backup storage devices including USB or thumb drives
Ensure two-factor authentication is enabled on all of the accounts you use to access ASU systems or services
Remember that cellular connections are generally considered more secure than public guest Wi-Fi access
Contact your local deskside team or the ASU Experience Center for additional information at 1-855-278-5080 or chat directly 24/7/365. Additionally, students can visit the Tech Studios on campus for assistance.
If you are telecommuting, please review the Telecommuting guidelines and considerations from the Business and Finance Office for detailed guidance.
Telecommuting Security Guidance
Ensure your ASU provided electronic devices are either with you or locked in a secure location at all times, ensuring these devices are only used by you
Connect only via a secure and encrypted internet connection using a VPN such as the ASU Cisco AnyConnect VPN service ASU VPN (https://sslvpn.asu.edu/2fa) or the ASU full- tunnel version at (https://sslvpn.asu.edu/tunnel)
Ensure your home network is properly secured and requires passcode at a minimum to access. Configure factory-set administrator user accounts within your home network to ensure appropriate security including that all default passwords are changed
If your ASU device or personal device that contains work data such as your phone is lost or stolen, immediately report it to the ASU Information Security Office at firstname.lastname@example.org or the ASU Experience Center at 1-855-278-5080
Additional Telecommuting Resources
Mobile Device Security Guidance
Lock your device by configuring a passcode or enable biometrics in order to use the device. This helps prevent unauthorized individuals from gaining access to your data
Enable encryption on your mobile devices, and ensure that they are configured to encrypt storage with hardware encryption
Use caution before responding directly to unsolicited phone calls, emails or text messages, they may be scams
Set an idle timeout that automatically locks the device when not in use. 15 minutes or less is recommended
Keep all software up-to-date, including the operating system and installed "Apps". This helps protect the device from attack and compromise
Properly configure the location and security settings on your device and applicable applications
Scrutinize permissions requested by any of your phone’s apps. Be careful in accepting requests for personal or device information, including access to your location, your contact lists, or your camera roll
Consider labeling your device with your name and a phone number where you can be reached to make it easy to return if lost
Ensure regular backups since mobile devices often have a greater risk of loss, theft, damage, or hardware failure
Additional mobile security resources
Travel Security Guidance
Keep your electronic devices with you as much as is possible. If you cannot keep your devices with you during travel, ensure they are turned off while stowed in your luggage or locked facility. Pack internet cards, USB drives and other devices separate from your encrypted devices
Connect only via a secure and encrypted internet connection using a VPN such as the ASU Cisco AnyConnect VPN service (https://sslvpn.asu.edu/2fa) or the ASU full-tunnel version (https://sslvpn.asu.edu/tunnel)
- Reference the Research Integrity and Assurance: International collaborations and travel page for additional Travel Security Guidance
Remember a guest or public Wi-Fi at a restaurant, conference or hotel has many users with varying degrees of device security. It is a good idea to postpone accessing ASU systems unless you are using the ASU VPN service
Confirmation is key for WiFi connections. Anyone can set up a Wi-Fi network ID and broadcast it. Instead of assuming the name of the guest Wi-Fi you are trying to access is the right one, contact someone working in the restaurant, hotel, coffee shop, etc. to confirm the name of the Wi-Fi network they are offering
Cellular connections are considered more secure than Wi-Fi access. Many mobile cell services offer mobile hotspot functionality. Mobile hotspot means you use your phone or a mobile carrier's device to access the Internet. This method bypasses both the public Wi-Fi and hotel Internet all together. A better alternative for sensitive information (e.g. personal banking)
Review your electronic device settings. Macs and PCs have some file sharing options that assume you are on a trusted network, with other trusted computers. If you are connecting to a network that isn’t your work or your home, turn off file sharing in the MacOS and Windows, while also enabling your system’s built-in firewalls. In these situations, keep your Internet-connected apps and services open to a minimum
Be wary of shoulder-surfing - someone who might be nearby that could be looking over your shoulder at your screen - consider using a screen shield or privacy guard
For travel to security sensitive locations, consider whether it makes sense to take any electronic devices and if needed an ASU loaner or alternate device(s), including laptop and phone. These loaners will be wiped clean upon return
If your laptop is lost or stolen, immediately report the loss or theft to the ASU Information Security Office at email@example.com or the ASU Experience Center at 1-855-278-5080
Additional travel security resources
Data Security Guidance
ASU personnel handle many kinds of sensitive information, much of it subject to privacy laws and other regulations. This information may reside on ASU-managed network servers, on third-party "cloud" systems, or even sometimes on local disks, portable devices, or removable media. Wherever it resides, and wherever we are at the time, it's everyone's responsibility to keep this information secure and confidential.
ASU's Sensitive Data Handling standard outlines roles, responsibilities, and appropriate methods for securing and storing sensitive information. The standard includes an appendix with detailed examples of information considered sensitive; the list, while not exhaustive, will give you a basis for evaluating the sensitivity of data.
Below are some things that everyone who works at ASU should do to protect information.
Smart phones, tablets, laptops, flash drives, and mp3 players are all mobile devices that can store large amounts of data and are highly portable. They are easy to steal or lose, and unless precautions are taken, an unauthorized person can gain access to the information stored on them or accessed through them. Even if not stolen or lost, intruders can sometimes gain all the access they need if the device is left alone and unprotected, if data is transmitting information via a wireless network, or if malware is installed. The results can include crippled devices, personal data loss, and more.
Portable Storage Devices Security Guidance
Ensure only ASU issued Portable Storage Devices (e.g. USB memory sticks, external hard drives) are used
All ASU issued storage devices must be encrypted
Ensure a username/password is enabled to access the data/device
Avoid using free storage devices and cables. Be especially wary of items you may find in the hallway or a parking lot
Additional Technical Security Resources
Contact the ASU Experience Center online or call 1-855-ASU-5080.
To report a security event email the ASU Information Security Office at firstname.lastname@example.org