New normal: WFH security tips

by Elizabeth Jenike, IT Services

As we adjust to working and teaching remotely, cybersecurity has become more important than ever. Taking our work home with us also brings our home into the work -- so we need to take the proper steps to protect our homes from malicious actors, who never seem to sleep, even during a pandemic.

That said, here are a few key information security tips to follow as we continue this remote-work journey:


There’s no rest for the scammer, it appears. Already some of our contacts at other universities and folks in industry are seeing an increase in phishing scams and other nefarious activity related to the COVID-19 epidemic.

A resource shared by the Federal Trade Commission (FTC) details some of the common themes in these scams. There may be websites cropping up touting delivery of necessary items (like toilet paper or paper towels) that take your money and then never make good on the delivery; fake charities have started taking advantage of peoples’ generosity; and phishing schemes are as alive and well as always. There are examples and tips for avoiding these kinds of activities on the FTC’s site -- including an image of a fake email claiming to be from the World Health Organization.

A red computer screen

Essentially: Remain vigilant. Don’t panic. Scammers will target you -- humans are the most vulnerable part of any system. Just take a deep breath and vet everything you see. You know, what you should be doing every day!


There are a few important things to note about passwords in light of the remote work situation.

  • Change MUnet password: Due to the deployment of Duo Security on Miami systems, you won’t need to change your MUnet password except once every five years. However, be smart about it. If a website you frequent experiences a data breach (like the one that happened at Canva not too long ago), you should go ahead and change your password both in that particular site and your Miami password as well -- especially if you have used your MUnet password in multiple places.
  • Change router password: You will be accessing Miami systems and resources from your home internet. If you haven’t done so already, you should change the default administrator password that came with your wireless router. Lifewire has a deeper dive into the why and how.
  • Use a Virtual Private Network (VPN) to access Miami resources when possible. Your traffic to Miami resources will flow through our pipeline, increasing data security. Find out how in the Knowledge Base.
  • When you get up from your computer, even just to use the restroom or see what the dog is doing on the other side of the house, you should get in the habit of hiding your screen -- whether that be by closing a laptop, setting a password-protected screen saver, or using other tried-and-true password protection techniques. Please also remember not to share work-related devices with family members or friends.

… And updates, oh my!

Laptop Security thumbnail

The other thing you want to make sure you’re doing is updating software and programs when you can. Hackers are constantly trying to find vulnerabilities in common applications, and as a result, software companies push security updates regularly. Following an active update schedule with your devices (e.g., phone, computer, tablet, etc.) will ensure that your tech is protected by the latest available information.

Extra security: Use a password manager

Password sharing between accounts is generally a no-no. When we hear about big data breaches, we urge users to change their passwords for many reasons. If members of the Miami community re-use their MUnet password for other online accounts, their Miami credentials could possibly be compromised by large-scale data breaches.

How do you fix that problem? Remembering different passwords for all of our online accounts is cumbersome and sometimes plain impossible (especially if we’re utilizing all of our password-generation best practices and using passphrases that contain special characters, numbers, and uppercase/lowercase letters). Password management apps can be a lifesaver.

These can help you generate strong passwords, and you don’t have to remember every single password for every single account you have—instead, the manager remembers them for you. (All you have to remember is the password for the app itself.) Some common examples of password management apps include: LastPass, KeePass, and 1Password.

Follow these tips to improve your own security posture as well as that of your family. It’s up to all of us to create a more secure environment -- thank you for helping to keep Miami cybersecure.

Webex Security

As we move instruction and administrative work online, the University's recommended teleconferencing tool is Webex Meetings. Nefarious actors have been known to disrupt open meetings by posting inappropriate content or being general nuisances. To help combat this issue, we have taken various security measures within the Webex tool itself.

Read more: New security defaults coming to Webex