Page title

Security Guidance for Working Remotely

Main page content

When you need to work remotely, whether you telecommute as a regular part of your job or as an alternative when access to the U.T. System Building is temporarily restricted, we want to make sure you have all the information necessary to conduct the business of U.T. System in a secure manner.

While the preferred and most secure method for working remotely is to do so using a U.T. System-owned computer, if you must use a personal computer you should familiarize yourself with the following policy requirements and best practices. The same policies apply whether you are working in the office or remotely.


Policy Requirements

  • Each individual is responsible for exercising good judgment regarding the reasonableness and security of his/her behavior and use of U.T. System information resources.
  • Any personal computers used to access, create, or store U.T. System information resources, including email, must be password protected.
  • U.T. System data created or stored on a personal computer, smart phone, or other device is subject to the Texas Public Information Act, court orders, litigation holds, discovery requests, and other requests for information.
  • If you work with confidential U.T. System data, your personal device must be encrypted.
  • Any work-related confidential data created or stored on a personal computer must be transferred to U.T. System owned or managed resources as soon as feasible.
  • U.T. System employees, vendors, and other third-parties may only remotely access U.T. System information resources using methods approved by the U.T. System. See Remote Access Options for more information.
  • If you haven't done so recently, review the U.T. System Acceptable Use Policy.

Best Security Practices While Working Remotely

  • Personal devices:
    • Do not store any work-related data locally on your computer. Log into OneDrive or SharePoint to store U.T. System data.
    • Remember to log out of your U.T. System remote session or Office 365 session when you are finished working.
    • Clear web browsing history (Control-Shift-Delete) before you close your browser, especially if you logged into O365 (Remote Outlook, etc)
    • Do not store U.T. System credentials, credit card numbers, bank account numbers, or other sensitive data in your web browser
    • Install available updates to your device's operating system, anti-virus software, applications, and browsers.
  • Public wifi:
    • Avoid using a public WiFi network unless absolutely necessary.
    • Consider using your mobile phone as a hot spot instead of using a public WiFi network
    • If you must use public WiFi, it's best to use a secure, password protected wireless network.
    • Disconnect from the WiFi network when you're finished working online
  • Scams: 
    • Cybercriminals may contact you via email, text/SMS, phone, or social media and may pretend to be a trusted colleague or someone in the executive level.
    • Cybercriminals may seek sensitive information, payments, gift cards, etc.
    • Even if you recognize a phone number or email address, be sure to confirm every request for sensitive information via a trusted means of communication.
  • Theft:
    • Lock your U.T. System laptop or personal laptop with a cable lock made specifically for computers
    • Do not leave your devices in a vehicle (if you must, put it in a secured trunk)
    • Immediately report all lost or stolen devices to U.T. System Police, OTIS, and your department head.
  • Terminal Server:
    • Do not save your login credentials
    • Log out of the session when you are finished or will be away from your computer
  • Remote Desktop:
    • Only use RD Gateway to access your work computer when you are offsite

Collaborating Securely While Working Remotely

Working remotely may pose challenges for staff accustomed to collaborating in-person. Several services have been approved by the Information Security Office to facilitate workplace communications and team collaboration, and may be quite helpful when normal means of collaboration are unavailable.

Approved tools useful for remote work include:

 

As always, contact the Help Desk for any questions related to computing and technology services.