department menu

Safe Computing Practices

Welcome to the Safe Computing Practices page!  Here you will find information about how to securely use your computer for CSUSM work remotely.

  1. Keep mobile devices and laptops safe
  2. Ensure up-to-date security protection is in place
  3. Ensure Windows is updated
  4. Limit the use of public WiFi, especially when accessing password-protected resources
  5. Do not log in to CSUSM resources on public computers
  6. If you share a computer with others in your household, make sure you log out of any CSUSM resources you are logged in to and close the browser.  This ensures that your session is fully closed, and no one else can log in as you.

Following are some practices to do safe computing:

  • Keep Mobile devices and laptops safe
    • When leaving your computer, lock the screen with a password to safeguard the data on your computer. Also, always lock your doors when leaving the computer unattended. 
    • Never leave your devices or laptop in the car. It’s a best practice to keep work laptops and devices on your person at all times while on the road. The trunk of your car is not any safer. There may be criminals watching to take advantage of this situation. 
  •  Don't allow family members to use your work devices.
    • If you think of your laptop and mobile devices as work-only assets, it makes it easier to control access to sensitive data. For remote workers, treat your work laptop, mobile device and sensitive data as if you were sitting in a physical office location. This will help you continuously associate your actions with a security-first and data-aware mentality in mind. For example, in a physical office location, your child wouldn’t be able to use your work mobile device for games or movies.
  • Invest in an antivirus software. 
    • If you use your personal laptop for work, it's important to keep your system protected. Scan all attachments that are sent to you.  Viruses can lurk in emails from friends and family.  If you receive a link in an email from a trusted source, hover over the link using your mouse and look in the bottom bar of your web browser to reveal the true URL and validate that the link is legitimate. This will ensure that you know where you are going on the Internet, and whether or not you want to go there.
  • Keep your computer with all the software updated.
    •  It is essential the use anti-virus software.  Most anti-virus software gives the user the ability to do automatic updates.
    • Ensure that your operating system (e.g W10/OS X)  is continuously updated and patched. It is also important to keep other software on your computer updated.  Software updates often include essential bug fixes and security features that address existing vulnerabilities.
    • Make sure that the firewall on your computer is enabled. This will help to keep unauthorized people from snooping around your computer when it’s connected to the Internet.
  • Keep Work Data on Work Computers.
    • Introducing a personal computer to a work network, even remotely,  put that networks at risk, and yourself at risk, accepting the potential liability of extensive damages though violations of policy, practices or both. Use remote environment such as Office 365, so you could work online and avoid downloading or synching files or emails to a personal device.
  • Minimize storage of sensitive information.
    • Delete sensitive information whenever you can. Keep it off of your workstation, laptop computer, and other electronic devices if at all possible.
    • Don't keep sensitive information or your only copy of critical data, projects, files, etc. on portable or mobile devices (such as laptop computers, tablets, phones, memory sticks, CDs/DVDs, etc.) unless they are properly protected. These items are extra vulnerable to theft or loss.
  • Avoid public Wi-Fi; if necessary, use personal hotspots or some way to encrypt your web connection.
    • Public Wi-Fi introduces significant security risk and should be avoided if possible. If you need to access the internet from a public Wi-Fi location, you have two essential problems to solve. First, other people have access to that network and, without a firewall between you and them, threat actors can pound away at your computer from across the room. Second, any interested observers on either the current network or any other public networks your data hits between you and your workplace can monitor your traffic as it goes by. It is important to find a way to protect your PC and encrypt your traffic.
    • For some use cases, you can also set up encrypted remote connections into a remote desktop or other individual server. Many of these connection types (RDP, HTTPS, SSH) include encryption as part of their service direction and do not require an additional VPN or other encryption service to secure the data in-transit.
    • One option is to use a personal hotspot from a dedicated device or your phone.  Using a hot spot does eliminate the problem of getting hacked by people on the same public Wi-Fi.
    • For many remote access applications, you should use a VPN. VPNs provide a flexible connection to connect to different services (web pages, email, a SQL server, etc.) and can protect your traffic.  Keep in mind that VPN services provided for privacy purposes only protect the data to and from the VPN provider, not to the destination so are not suitable for protecting remote access.
  • Avoid surfing websites that you don’t already know
    • Browsers are quickly becoming one of the larger vulnerabilities in computing. Adware and spyware are written specifically to exploit Chrome, Internet Explorer and Firefox. So try and stick with the websites you trust.
  • Only Download files legally.
    • Along with the possibility of significant legal penalties, downloading files from peer-to-peer networks can be harmful to your machine.  These downloaded files are sometimes riddled with viruses and spyware.
  • Keep personal information safe.
    • Reduce your risk of identity theft.  Never share your personal information via email, no matter how official the email looks.  Official business that requires personal information should not happen via unsecured email.
    • Also, limit information on social media sites. For many people, birth dates, anniversaries, addresses, phone numbers, and a lot of other personal information can be found on social media sites.  Protect yourself from identity theft and other scams by limiting what information you disclose online and who can see that information.