Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

If working at home using your own IT equipment, Please view the advice and guidance below for doing so in a secure manner. Whilst lots of the advice if specifically, for your own device, remember a lot of the information around emails and passwords should be followed too even when using College owned devices.

College Policies

As a starting point, it is worth reminding all staff that the College has a number of IT related policies that all staff should ensure they have viewed. Specifically, in relation to home working you should familiarise yourself with the following policies:

  • IT Access and Online Safety Policy
  • Data Protection Policy
  • Password Management Policy
  • Clear Desk Policy

Keep Your Devices Up to Date

It is important that all devices are kept up to date with routine and critical updates at all times. You should install these updates as soon as you can in order to protect against known (or unknown) vulnerabilities or security exploits. Regardless of the underlying Operating System or application, there is always a way to configure your updates to download and install automatically and we’d advise this is the easiest and most effective way of doing so.

For mobile devices or tablets, updates can be configured within the settings to notify you when software or application updates are available.

If you are using a College owned device, IT Services will manage all updates on that device.

It is highly recommended that you should not use devices that can no longer support vendor updates.


 Please note that Windows XP, Windows Vista and Windows 7 are all End of Life so should not be in use now if at all possible.

Use Strong Passwords

As advised in our Data Protection and Information Security training, remember to use strong and secure passwords for all your accounts, whether that be personal or work accounts. Whilst it is difficult to do so and remember so many passwords, no accounts should have identical or similar passwords. This protects us against multiple accounts being compromised in worst case scenarios.

Only use Approved Tools

You should always check with your line manager or IT Services before using a new software application or tools for work related purposes to ensure it is an application we support.

When downloading new applications to your device, you should only download from approved or official channels. For example, Google Play or Apple App Store.

Remember if you need access to Microsoft Office or Adobe CC, you can download to your own device free of charge through your College account:

MS Office

Adobe

Device Protection

All personal devices should be secured with Anti-Virus software to protect against viruses, malware, ransomware, etc. We

The College provides free access to Sophos Anti-Virus for all staff:

Install Sophos Anti-Virus

Further to Anti-Virus packages, you should also consider using inbuilt firewalls to prevent unwanted inbound connections to your device. Major Operating Systems such as Windows and Mac OS include firewalls as part of the build, so no third-party tools are required. Just turning these on should give you default required protection, so no difficult configuration required.

Data Protection

Data Protection principles still apply whilst working from home, email use remains one of the biggest threats to the business and yourselves. Below are some of the key points to be mindful of:

  1. Always use the BCC field rather than the CC field when emailing a number of recipients; particularly if they don’t know each other and there is no reason why they should have visibility of each other.
  2. Don’t use personal email addresses to send personal data from or to as this in itself is a data breach. Using a personal email address for work related correspondence, even without personal data being involved, is bad practice and also increases the chance of a future data breach, it is a practice that should be avoided.
  3. If you are sending personal data, please ensure it is encrypted/password protected first (instructions on how to do are included at the bottom of this article). You wouldn’t send personal details via Royal mail using a Postcard, emails have the potential to fall under the same principle.
  4. Entering sensitive information (E.g. Username/password, credit card details, etc.) into a website without an SSL Certificate (i.e. The padlock in the address bar and the address being https rather than just http) is like using a toilet on the roadside; people may be able to see exactly what you are doing, if the website doesn’t have a padlock and is asking you to enter data, be suspicious!

Privacy and Confidential Waste

Where relevant; please remember to ensure that your screen cannot be seen when you are working from home. If you require a privacy screen please raise a ticket via the Service Desk Portal.

You need to be mindful of your Confidential Waste at home; any documents containing personal data needs to be shredded and not just placed in with your normal household rubbish. Due to the potential issues surrounding this, we would always advocate working via a Runshaw Remote Desktop session where possible and remain completely paperless.

Backing Up Data

When using your own device for work related purposes, you should utilise College storage to back up your data. This can be done by working on Remote Access or using OneDrive cloud storage.

Remember no organisational data should be stored on personal devices OR personal drives (E.G. home drives or personal One Drives).

Local Account Management

Where possible, if you are using a shared or family device, you should use a different account on the device for work purposes. This protects you and the College against any accidental access or loss of data.

If you would like to read a more generic overview published by the NCSC, please see the link below. This also includes some related links around Phishing emails and what to look out for. There is also an online Cyber Security training session aimed at organisational staff.

https://www.ncsc.gov.uk/blog-post/secure-home-working-personal-it

As always, if you have any concerns or questions regarding the information above, or even just need a little bit of guidance with your own devices, please get in touch.


Remember, if it matters to you, it matters to us! Contact the Service Desk.


Thank you & regards,

Service Desk

01772 642057 | servicedesk@runshaw.ac.uk

Runshaw College, Langdale Road, Leyland PR25 3DQ

Like us on Facebook |Follow us on Twitter |Visit our website

  • No labels

IT Services, Runshaw College