With many areas in the University adopting a hybrid working model, it’s important to address the threats that emerge while working from home. These practices are designed to help keep your personal information, UNE information, and devices you use safe from a cyber-attack.
Cyber Security Education
Human error is one of the leading causes of successful cyber-attacks and security breaches. Security awareness training is critical in preventing these attacks; every staff and affiliate member needs to be able to recognise a malicious email and what to do if they receive one. If you haven’t already, please undertake your UNE Cyber Security Awareness training. If you would like further training on recognising these emails, please reach out to our IT Support team.
Secure Physical Data
While it’s vital to secure your online data, it’s also important to secure your physical data. Always lock your workstation screen, lock your office door if possible, and do not leave sensitive information unattended. It’s good practice to shred any work files that are no longer in use. You may become the victim of Identity Theft if your device is accessed by an unauthorised user, and you may be held liable if your device is stolen. USBs containing malware can also be left in public spaces on purpose by threat actors. If you find one do not use it.
Secure Access From Anywhere
UNE has a VPN service (Global Protect VPN) that provides a safe tunnel between the user’s device and the UNE domain, allowing the user secure access to the University systems. It’s good practice to connect to the VPN whenever working from home to enable a secure connection and for the device to receive the latest security patches and operating system updates. Do not connect and work off a public wireless network as these are extremely vulnerable to attacks, only connect to your personal secure home network.
Approved Hardware and Software
Only use hardware and software that has been approved for use by UNE. UNE devices are configured to receive all security and system updates to mitigate the threat of a cyber-attack and utilise Microsoft Defender to prevent malware. Due to the increased risk, it’s not recommended to use your personal device for UNE work. Using a personal device or non-approved software can expose your personal and confidential UNE information leading to a data breach or attack.
Reduce Heavy Reliance on Email
Email is the leading attack vector used; typically attackers will incorporate an abundance of techniques such as email spoofing, domain impersonation, phishing, and social engineering, all to trick the recipient into trusting a malicious email and compromising their account and/or device. It’s important to have alternative methods of communication to use in the situation that one is compromised due to an attack or outage. Utilising a channel-based service such as Microsoft Teams for general communication and collaboration is a great alternative.
Summary
We all have a role in helping our organisation manage Cyber Security threats. Don’t leave any questions about critical vulnerabilities for tomorrow. Asking questions at your next meeting might just prevent a breach from becoming a total disaster.
As always, we are reliant on people being vigilant and reporting suspicious activity on their systems to our IT Support team (servicedesk@une.edu.au, +61 (2) 6773 5000).
If you haven’t already, we would encourage you to visit the UNE Cyber Security webpage and undertake the UNE Cyber Security Awareness training.
Thank you for your support in helping us maintain the cyber security integrity of UNE.
Sources:
Notebook Check – How to Secure Your Hybrid Workforce
Cisco – Secure Hybrid Work Solution
Recent Comments