Working Safely Online Remotely

The following about antivirus and operating system updates applies primarily to personally-owned, non-ITS-managed computers.

Antivirus Software

Make sure you are running up to date antivirus (AV) software whether on a PC or Mac (yes, definitely Macs too). Being up to date includes the AV software itself and the signatures. Also, be sure to schedule a periodic scan of your computer (scheduled to run at least once a week).

There are several companies that provide free antivirus software. These are just a few:

AVG: https://www.avg.com/en-us/free-antivirus-download
Avast: https://www.avast.com/en-us/free-antivirus-download
Bitdefender: https://www.bitdefender.com.au/solutions/free.html (free for Windows)

This information about antivirus updates applies primarily to personally-owned, non-ITS-managed computers.

Update operating system and software

Make sure that your PC or Mac has the latest operating system patches installed.

On a Mac, click on the Apple in the top left corner of the screen and select "App Store..."
On a PC (Windows 10), click on the magnifying glass on the left side of the taskbar and type "updates," then select "Check for updates"

While you're updating things, please remember to update all the browsers you use.

If you're running Microsoft Office and/or Adobe, please also make sure that the latest patches have been applied.

This information about operating system and software updates applies primarily to personally-owned, non-ITS-managed computers.

VPN

When you're working online remotely, use SwatVPN (VPN = virtual private network). The VPN client software for SwatVPN is called Cisco AnyConnect.
Not only does VPN secure the network communication between your computer and the College, but it also provides you access to resources only available from on-campus and the same level of network protection that you have while on campus. Note that if you don't "control" or own the network you're on (e.g. public WiFi), you should absolutely use VPN for any college-related activities. By the way, VPN isn't just for Macs and PCs, you can also install it on Chromebooks as well as iOS and Android devices.

Watch for scams

Be extra vigilant for fake emails or scams related to COVID-19. Miscreants will leverage the current state of concern and uncertainty to increase their pool of victims. This includes phishing emails, emails with malicious attachments (e.g. invoices, resumes, etc.), sales of fraudulent or counterfeit goods, and propagating misinformation. Be particularly alert for fake emails from the Centers for Disease Control (CDC), the World Health Organization (WHO), and offers of bogus COVID-19 treatment (e.g. fake COVID-19 vaccine websites). There are even malicious websites with interactive COVID-19 maps being used to spread malware. Common sense is often the best protection!! Think before you click!

As always, if you're unsure about the authenticity or security of an email, please forward it to: phishing@swarthmore.edu

Network

For your home wireless network, you should have changed your router's default administrative password to a strong password (or long pass-phrase!!) and be using WPA2 encryption. Be aware of all the other devices attached to your network such as smart speakers, doorbells, baby monitors, webcams, gaming devices, appliances, etc. and make sure they're using strong passwords to connect to your network. You should definitely disable remote administration and Port Forwarding if they are enabled. If you're comfortable with it, you should also update your router's firmware to the latest level. Routers can be hacked too and your traffic can be routed to/through malicious servers. This quick check from F-Secure can tell you if your router has been hijacked (you should run this with VPN disconnected for accurate results): https://www.f-secure.com/us-en/home/free-tools/router-checker

Other actions you can take are summarized on this single page Cyber Secure Home overview.

If you have Smart Speakers, Smart TVs, thermostats, etc. on your home network, please take a look at this document for additional recommendations to keep yourself safe: NCSAM_InternetofThings_2020.pdf

Additional Guidance

For more information about how to securely work online remotely there are the following guides from the SANS Institute (a security training organization we use at the college):

https://www.cisecurity.org/newsletter/working-remotely-how-to-be-safe-secure-and-successful/
https://www.cisecurity.org/newsletter/securing-your-remote-office/
https://security-awareness.sans.org/sites/default/files/2020-03/ifg_SSA-Top-5-Steps-Securely-Work-From-Home.pdf
https://www.sans.org/security-awareness-training/resources/four-simple-steps-staying-secure