IT security in distance mode
The Incident Response Team (IRT) at LiU gives advice about working safely from home in distance mode. Be on your guard against possible fraud. You should preferably use LiU’s IT equipment when working.
The sudden activation of distance mode has posed serious challenges on both the organisation and the individual. We are suddenly using completely different ways of working from just a few days ago, and our focus has changed somewhat. Unfortunately, in all crisis situations forces are at work to exploit the chaos, disorganisation and confusion for their own purposes.
Increased risk of attempted fraud
LiU’s personnel are continually exposed to different types of attempted fraud. It may be a case of tricking people to reveal their username and password, or attempts to cause the payment of money through, for example, fraudulent invoices or redirection of salary payments. Normally, we are reasonably successful in resisting fraud, although it must be admitted that more people than we would like become victims of phishing and attempt to log in to a fraudulent website using their LiU account. Attempts at economic fraud are very seldom successful.
The situation we are in now, however, provides new opportunities for fraudsters to exploit emotions and anxiety, and may also make it more difficult to carry out checks that we otherwise would have done. We can no longer walk a few doors down the corridor and check whether a request for payment is correct. We may instead send the question by email, but how do we know whether we are exchanging email with the correct person?
In fraud attempts, a request is often presented to sound very urgent. Often there are several red lights that warn about a fraud attempt. One such warning is that the request is urgent, and claims that there will be serious consequences if we do not comply. Trust your instincts – if you get the feeling that something is not right, it certainly isn’t. Don’t just check-up by written messages – obtain oral (or video) confirmation from colleagues and managers.
Use LiU equipment at home
Working from home brings with it different risks than those we see on campus. We recommend strongly that LiU’s IT equipment be used in your work. You should avoid as much as possible using a private computer or tablet computer for work. Use also a screen lock at home when leaving the computer, just as you would on campus.
If it is not possible that to use LiU’s IT equipment when working at home, it is very important that you install safety updates both for the operating system and the software on your computer. This is the most important measure to ensure that you computer and the university data are protected. You should also use antivirus protection. Windows computers have effective protection from Windows Defender, which is part of the standard installation. If you use Mac OS or want stronger protection for Windows than Windows Defender, we recommend ESET Nod32. There are, however, several other effective products. Remember also that pirated software and keygens (programs that generate fake serial numbers) constitute a particularly high risk and often contain malware.
Gaining access from home
You may need to use a VPN to gain access to certain LiU resources. Many people are familiar with using vpn.liu.se through Cisco AnyConnect, but this does not have the capacity to deal with the high demand we are seeing now. For this reason, the IT Division has rapidly introduced a new VPN, FortiClient, with a higher capacity. More information is available at the VPN webpage.
You must also connect through the VPN at regular intervals to keep the licenses for Windows and Office 2016 active, and to receive certain updates.
Contact the IRT in the event of any difficulties
Never hesitate to contact the IT security unit at LiU (IRT) if you are the target of, for example, attempted fraud, phishing or a virus infection. We are fully aware that sometimes things simply go wrong, and we want to help you minimise any damage or problems that arise.
Tel: (013) 281744
- firstname.lastname@example.org (to report spam)
- email@example.com (to report authentic email erroneously labelled as spam)
- firstname.lastname@example.org (other matters).
Full contact details of the IRT are available here.
Subscribe to IT news
Receive a newsletter for LiU employees 4 times per semester with IT news. The newsletter is in Swedish, but many of the included articles are available in English. Subscribe here!
Latest IT related news
Last updated: 2020-05-04