COVID-19 has forced everyone indoors, requiring us to stay home. As a result, going into the office to complete work is a thing of the past, at least for now.
To make matters work, the sudden change in operational procedures means many of us are using Zoom video-conferencing software (UVA has a site license), UVA Box and/or UVA Collab cloud tools for the first time. These adjustments provide opportunities for hackers to prey on us by sending malware attachments and fraudulent links that appear legitimate.
Below are some tips and guidelines to help you keep your home workspace cyber-secure so that you can continue to be safely productive.
-
Read and re-read (it's changing over time) the guidance about working remotely at UVA. If it helps, keep a running list on a whiteboard or a piece of paper and tack it near your computer so that you can reference this “allowlist” any time you come across a link or an attachment.
-
Do not download apps from any third party vendors. If the software is required for your job at UVA, start by looking at the ITS Software Catalog. If it's not, make sure you get the software or app from the Apple App Store or Google App Store. These vendors take special care to vet the apps they offer to ensure their validity. Downloading apps from unreliable vendors is especially risky because applications are common carriers for malware.
-
Back up your computer’s data! Make sure the computer you're using at home for UVA related work is being backed-up. If you took your work computer home, being off-Grounds may prevent this computer from being backed up. If your work computer in your office was backed-up automatically and now it's at home, you should check with your LSP or computer support person to verify it is still being backed up. If it is not, work with this person to come up with a backup scheme. Backups are particularly important if you are ever the victim of a ransomware attack.
-
If you need to sign documents remotely, use DocuSign; UVA has a site-license and you should sign-in with your UVA Netbadge credentials (e.g. [email protected]). Docusign is the most widely used electronic signature software, and it’s highly secure.
-
Scammers are using the coronavirus to their advantage to create a false sense of urgency or create messages that appear valid to frazzled at-home workers who let their guard down. Beware of any messages related to coronavirus with links and downloads. Start by checking our Security Alerts webpage to see if a message like the one you received is there. You can verify any suspicious email with the UVA Help Desk by calling 434-924-4357 or emailing [email protected] before clicking on links or opening files. Trust your intuition -- if it feels off, air on the side of caution. If you're not sure, please email us at [email protected] for verification.
-
If the email is asking for a reply, whether by email or by a text message - Do NOT use the information they give you. Start a new email message using a legitimate address you have for that person. Text or call the person supposedly asking for a reply at the number you have for them to check whether they really do need your help.
-
You can view tips for recognizing phishing emails at this link. There are two examples of gift card scams on our Security Alerts webpages - click here for one and here for the other. You can also use this link to view other types of modern scams as well as other gift card scams that you may encounter while working from home.
-
Donate with confidence – Charitynavigator.org can help guide you to legitimate charities that are accepting donations.
Above all, remember to stay vigilant at all times to keep your data safe in this difficult time.