Security Practices When Working from Home
University data stored on a computer you use at home, whether the computer is owned by you or the university, is subject to the same policies as data located on campus. Per university policy, you are the custodian responsible for all Cornell data on any computer you use. See Protecting University Data for more information about these responsibilities.
It is your responsibility to know what types of Cornell data you have on your computer at home and to take steps to protect it as outlined here and elsewhere in this security guide.
Faculty and Staff: Use Certified Desktop If Possible
Whenever possible, use a Cornell-owned computer when you work at home, preferably one enrolled in Certified Desktop. This will provide the security, disaster recovery, and business continuity protection necessary while working with institutional data. Certified Desktop ensures that your device meets the minimum requirements outlined in Cornell University’s Policy 5.10.
If you are not sure whether your system is part of Certified Desktop, check with your unit’s IT support provider.
If you cannot use a device enrolled in Certified Desktop, then the use of a Cornell-owned laptop is still recommended to provide appropriate licensing and institutional IT support.
Secure Your Personally Owned Device
If you cannot use a Cornell-owned device when working at home, however, please follow the steps outlined below to make sure you are minimizing risk to the university while working remotely.
Use a separate login account
If other members of your household use the same computer, create a separate login account for your Cornell work and data, with a strong password that only you know. Using a separate login ensures other users on your computer cannot view or access your Cornell documents.
Encrypt all confidential data
If you have confidential data on a computer that is located at home, or that comes home with you, that data must be encrypted. Check with your department’s IT support staff to find out what encryption solutions are used in your department.
Connect to campus with the Virtual Private Network
Connecting to Cornell’s network from home increases the risk of data exposure or password compromise because you have to use networks that are not controlled by Cornell. To minimize these risks, you should use the campus Virtual Private Network (VPN) when working with sensitive Cornell data. This will ensure that everything you do is encrypted as it goes over the network. VPN protects your data from electronic eavesdropping and may be required to connect to some department and central resources from off campus. To find out how to install and use, see Cornell's Virtual Private Network (VPN).
Secure your home wireless network
Home wireless networks are easy to set up and extremely convenient to use. However, an insecure wireless environment poses several risks that need to be addressed:
- Anyone near your home can use your Internet connection.
- Anyone near your home may be able to access your computer.
- Anything sent over the wireless connection could be stolen.
The manuals that came with your wireless router should provide detailed information on how to secure your home wireless network. If you no longer have the manual, use the brand name and model type to search for an electronic copy online.
Keep your computer secure
If you are working on a computer that is not Cornell-owned, make sure that your operating system and applications are updated regularly. In addition, activate your computer's firewall protection and antivirus software. If you're working on university business on a computer at home, whether you or Cornell own the computer, you must take measures to secure your computer and mobile devices.