Security Precautions for Working and Teaching Remotely

While many faculty and staff have returned full time to the ECU campus, others are continuing to work remotely or a hybrid schedule to provide the high-quality services and resources we are known to deliver. We want to ensure that all in the Pirate community are aware of effective ways to work safely and securely in both an on-campus or remote environment.

The ITCS website shares detailed information security guidance we can all use to better protect ourselves in the virtual world.

The ITCS Service Catalog and IT Knowledge Base share detailed information security guidance we can all use to better protect ourselves in the virtual world.

Protecting your university-owned computer

• ECU currently uses Windows and Mac system-management tools to automatically install updates and patches on your computer. You may see pop-up windows from them while they’re applying an update or patch; occasionally, a restart will be necessary to complete the operation.
• Keep your software up-to-date to ensure ITCS can fully support you and to protect from security vulnerabilities that may be in older software versions. View a listing of ECU-supported software.
• Be sure to screen lock your computer when not in use and never share your ECU password.
• Quickly report if your university-owned laptop is stolen, you unintentionally responded to a phishing email and believe your account is compromised, or you think a secure university system has been breached. To report any security concerns, call Pirate Techs phone support, 252-328-9866 or 800-340-7081. If you’re unsure whether an activity is a security concern, call Pirate Techs who will help decide.

Safeguarding sensitive information

• ECU has developed several data governance policies and standards to ensure we comply with state, federal and international rules, and regulations.
• Know what information can be stored where. ECU users are responsible for the protection of any sensitive data in their custody. This includes electronic, print, voice or any other form in which the data is captured.
• Piratedrive network storage is password-protected, secure and backed up nightly. Keep in mind that OneDrive cloud storage is the ONLY approved cloud storage for backing up files at ECU.

Using email safely and responsibly

• Enable and use multifactor authentication for your ECU email.
• Any emails containing sensitive information sent to recipients outside the ECU network are required to be encrypted.
• Don’t respond to any suspicious or urgent messages requesting that you click a link, send money or share sensitive information. If you receive a suspected malicious (phishing) email, forward the message to phish@ecu.edu or report a security concern to ITCS. We will analyze the email, and if it's malicious, remove it from all users' mailboxes. See this article on how to recognize phishing email from the Federal Trade Commission.

Using ECU's virtual private network (VPN)

• When you are not connected directly to the campus network, log in to the VPN (Virtual Private Network). The VPN creates a “tunnel” between your computer and the campus network to identify you as a member of the ECU community. This will allow you secure access to restricted networked resources.
• Working through the VPN is only necessary when connecting to a few ECU services that REQUIRE it, like Banner administrator pages, or if you are connecting to ECU services using a public or unsecured internet connection. Checking email, retrieving files from OneDrive, streaming anything or meeting online does not require a VPN connection. This will save the bandwidth for a user who needs it.
• Even though the campus resources you access may not require the VPN, log in at least weekly for a few hours to ensure that you receive the latest updates that fix bugs, patch security holes and sometimes add new features and support for products.

Virtual conferencing

• ECU supports Microsoft Teams and Cisco Webex for virtual conferencing. Review conferencing features to determine which one best suit your needs.
• Be sure you don’t have personal or sensitive information visible when sharing your computer screen or when your camera is enabled.
• If you record a meeting, make sure all participants know they are being recorded. The software should indicate this, but it’s good practice to tell them, too.

Securing your home Wi-Fi network

• The most effective steps you can take to secure your wireless network at home is to set a strong network and router administrator password and enable WPA2 encryption on your router.
• Allow only people you trust to connect to your wireless network.
• Keep your router up to date. To make sure you hear about the latest version, register your router with the manufacturer, and sign up to get updates.

More information

Do you have any questions or would you like more information on the topics and resources covered in this newsletter? Visit the web pages below or contact Pirate Techs at (local) 252-328-9866 or (toll free) 800-340-7081.

• Governance, Compliance and Security Resources
• Information Security Standards and Best Practices
• Security Awareness Education at ECU
• Guidelines for Protecting Sensitive Data
• Cybersecurity While Working Remotely (NC Department of Information Technology; html)
• Top 5 Steps to Securely Work from Home (SANS Security Awareness; pdf)
• Online Safety Basics (National Cybersecurity Alliance; html)