Top Telecommuting Security Concerns and Best Practices

Telecommuting and remote working has been popular since the 1990s. Whether it’s to decrease office expenses, cut down on commuter traffic and pollution or to support a remote workforce due to location closure, telecommuting is a vital part of Maricopa’s ability to continue normal business operations.

However, telecommuting and remote working may create greater risks such as comprising the confidential data of students, faculty and staff and the integrity of systems and services.

Here are our top security concerns and best practices to help you be secure, successful and productive wherever you may be working.

If you have questions, please contact the ITS Information Security team or your local help desk.

Click any heading below to expand the answer.

Beware of Email and Phishing Scams

Email and phishing scams are on the rise. Review messages being sent or received in email closely to ensure that you are sending to the correct recipient or receiving from legitimate business or company contacts or resources before taking an action (e.g., clicking a link).

What Does this Mean to You?

See our Phishing Explained page to learn how to spot phishing attempts.
Follow our general phishing guidelines and how-to best practices to protect against phishing attempts.
Forward suspicious emails to protect.privacy@maricopa.edu. Do NOT reply directly to suspicious emails.
Specifically during this time, be aware of coronavirus (COVID-19) - related phishing scams. Review this article, “How to avoid falling victim to a coronavirus phishing email attack”, for more information.

Handling Confidential Data

To avoid compromise or breaches in data security, we strongly suggest the following guidance when you are handling confidential information.

What Does this Mean to You?

Do NOT save sensitive data on any personally-owned computing device.
While it may make it easier to access, personal devices are not built with the protections we have on MCCCD-owned devices.
Make sure student and other confidential data is only being stored on approved storage locations in the cloud or our data centers. For example, use your Google Drive instead.¹
Refer to the Information Classification and Handling IT directive for additional guidance.

¹Refer to the Information Technology Directives on Cloud Services to learn more about approved online storage solutions.

Practicing Safe Internet Browsing

Devious websites can be places where viruses and other forms of malware exist on the Internet. In addition, there are many other methods to spy on unsuspecting users or access confidential data without consent.

While browsing, precautions must be taken to protect against compromise and cyberthreats.

What Does this Mean to You?

Be very careful when clicking unknown links from any device (Maricopa-owned, personally-owned).
Do not visit sites you wouldn’t browse during the normal course of your work.
Use more caution when working from home or when connecting to the MCCCD network with a personally-owned computing device.
Do not click on unknown pop-up windows that appear when visiting websites.
Avoid questionable websites.
Only download software from sites you trust.
Use antivirus and anti-malware protection and firewall software and make sure it’s up to date. If you don’t have this software, check these online sources for evaluations of various products, Techradar (“The best antivirus software for 2020”) and CNET (“The best antivirus protection of 2020 for Windows 10”)².
Increase your browser security settings³.

²The Techradar product evaluation contains reviews of a few different Windows and Mac products. The CNET product evaluations are focused on Windows 10 only.

³For Chrome, visit Chrome Help to learn more about the browser’s internet security and privacy settings. For the new Microsoft Edge, visit the Microsoft Edge support page to learn more about the browser’s internet security and privacy settings. For the legacy version of Microsoft Edge, visit the Microsoft Edge legacy help page. For the Safari browser on the Mac OS, visit the Safari User Guide to learn more about how to secure the Safari browser.

Protecting Your Accounts and Passwords

Your Maricopa ID (MEID) and other accounts (IDs) that you may use must be kept secure. This will guard across data breaches and unauthorized access to business and/or personal information.

What Does this Mean to You?

Do not share your account(s) and password(s).
Follow password standards (e.g., password length, complexity, expiration).
When not in use, always lock the computing device.

Protecting Your Personal Device

If you are using your personally-owned computing device for work or personal purposes, proper controls need to be in place to guard against data breaches or other forms of compromise caused by viruses and malware or unauthorized access.

What Does this Mean to You?

Use antivirus/anti-malware software and make sure it’s up-to-date. If you don’t have this software, check these online sources for evaluations of various products, Techradar (“The best antivirus software for 2020”) and CNET (“The best antivirus protection of 2020 for Windows 10”)⁴.
Make sure your computing device’s operating system (e.g., Windows, Mac OS) is current with the latest patches. Use the built-in update features to make sure your computer is up to date⁵.
Lock or shutdown devices when not in use.
If possible, do not share the device used for work with others⁶.
If using VPN, disconnect from the VPN network when done with work.

⁴The Techradar product evaluation contains reviews of a few different Windows 10 and Mac products. The CNET product evaluations are focused on Windows 10 only.

⁵Windows 10: (1) Open the Start Menu and click Settings; (2) Select Update & Security; (3) Click Windows Update; and (4) Click Check for Updates. Apple Mac OS: (1) Choose the Apple menu; (2) Click System Preferences; and (3) Click Software Update.

⁶If you must share, create different user profiles and logins for each individual. For Windows 10, refer to how to setup multiple user accounts. For Mac OS, refer to setting up users, guests, and groups on your Mac.

Beware of Random USB Thumb Drives

Viruses and other forms of malware are often contained on these devices.

While these devices are convenient, they often get lost or misplaced. Unless a USB drive is encrypted, any content stored on the devices can be accessed by anyone who may find it.

What Does this Mean to You?

Do NOT use random USB thumb drives.
Do NOT store internal or confidential data on USB thumb drives.
If you have a USB thumb drive, but don’t know where it came from, do NOT use it!

Protecting Against Theft

Computer theft is on the rise. Take proper precautions to guard against theft or unauthorized access.

What Does this Mean to You?

Don’t leave your computing device (Maricopa-owned, personally-owned) or cell phone in your car, even if the car is locked.
Keep laptops secured at all times - stored or located in a safe location, locked.
When not in use, lock the computing device.

Knowing When to Use VPN

While most of Maricopa's applications and services can be accessed remotely and from anywhere, some applications, services and functions are restricted to the Maricopa network.

VPN access will be required in these cases. VPN is a technology that enables a secure, encrypted connection between your computer and resources on the Maricopa network.

What Does this Mean to You?

Visit the Anywhere Computing Frequently Asked Questions page to learn if, when, or where VPN software may be required.
If you are located at a District Office location⁷, follow these VPN client installation instructions to self-install the software or contact the ITS help desk (480-731-8632, helpdesk@domail.maricopa.edu) for assistance.
If you are located at a college and need VPN software, please contact your local help desk first for assistance.

⁷District Office locations include the District Office and Emerald Point buildings, Wood Street, and Maricopa Public Safety.