Security Tips for Working from Home (WFH)

To maintain a safe and secure remote working environment during WFH arrangement, here are some security tips:

Suggestions	Tips
1. Working Environment	Select a private space Select a place where people can’t “shoulder surf” Look over your shoulder at what’s on your screen Get a privacy screen filter to avoid prying eyes, if a private workplace is not available.
2. Work Devices	Use a secure computer Install anti-malware software and perform regular scan Perform regular system updates and install patches Never share your account and password – for a shared device with family members, always have a separate login account with password protection to avoid accessing/deleting work files unintentionally by others. Sign out completely upon completion of your work.
3. Wi-Fi Connection	Use secure encrypted Wi-Fi – change the default login name and password of the home router. Upgrade the firmware to the latest version. Set up a security key (password) for your network. Use the latest security protocol WPA3. If the router does not support it, the more common WPA2 can be used. Avoid free, public Wi-Fi – use the hotspot sharing function of the mobile phone for Internet access instead.
4. VPN Connection	Use a CUHK VPN (Virtual Private Network) to connect to CUHK network. A VPN creates an encrypted tunnel for your network traffic to protect from intercepting or eavesdropping.
5. Data Security	Properly protect your data by following best practices in “Keeping Your Data out of Hackers’ Reach“. Avoid downloading sensitive data on your personal devices – if unavoidable, encryption and data backup are recommended. Use cloud storage provided by CUHK such as CUHK O365 OneDrive or SharePoint for storing University data, follow best practices on using cloud storage services. Beware of phishing emails or online scams, NEVER open files/URLs from suspicious or untrusted source.
6. Video Meeting	Keep Video meeting software up-to-date Beware of eavesdropping – during a conference call or video meeting, even if you are on headphones, someone may still be able to hear your voice.

Additional tips are available at “User Trainings: Information Security Best Practices“

Also stay in Touch while you’re working remotely. If any suspicious activity is spotted on the computer, you should disconnect it from the network immediately, report to ITSC and ask for assistance.

References:

[PCPD] Protecting Personal Data under Work-from-Home Arrangements: Guidance for Employees (Chinese version)
[PCPD] Protecting Personal Data under Work-from-Home Arrangements: Guidance on the Use of Video Conferencing Software (Chinese version)
[HKDERT] https://www.hkcert.org/my_url/en/blog/20022002 (Chinese version)

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.