Securing Your Work Environment
Northwestern provides the University community with a robust network and access to an array of information assets critical to the business and operations of the University.
Due to the sensitivity and regulations associated with much of this data, it is essential that every member of the Northwestern community work to protect it and minimize the occurrence of security incidents.
It is your responsibility to read, understand, and comply with University policy, and to use Northwestern's security resources—tools and support organizations that assist faculty, staff, students, schools, and departments—to help ensure the safe and secure operation of the network and conduct of University business.
You can also help by following the security practices outlined below. Always check with your local technical support staff before implementing changes
Printers and Multifunction Devices
Take steps to protect your printers and multifunction printing devices, such as copy machines, before they are attached to the network.
- Disable all protocols except TCP/IP
- Disable FTP, telnet, and any other management interfaces except those that are used regularly
- Only enable printing protocols that will be used
- Use a password to access a document server if the device has one and disable the server if it is not being used
- Change the default administrative password
- Control traffic with firewall rules
Visit the IT Knowledge Base for more information regarding secure printing connections.
Treat all sensitive data as a highly valuable asset and minimize the chance that it is released to unauthorized users:
- Identify sensitive data inputs, location, and sensitivity
- Do not use Social Security numbers as an identifier, use employee or student ID instead
- Encrypt private data sent across the network; see your local technical support staff for instructions
- Save sensitive data files to a network drive, not a personal computer
- Restrict access to sensitive data to those who "need to know"
When you no longer need sensitive data, it is better to dispose of it than continue to account for it. Ensure data cannot be recreated and follow careful disposal best practices:
- Only store necessary data and delete it when it is no longer needed
- Shred papers containing sensitive data
- Follow the Disposal of Northwestern University Computers Policy
- Sanitize hard drives of disposed computers to remove sensitive data
- Dispose computers through University Services' Computer and Peripherals Recycling Program
Sensitive data is more easily stolen when it is being shared between users, so take note of the connection you use. Unapproved wireless networks, e-mail, and public computers are particularly vulnerable to security breaches.
- Use only Northwestern-approved networks and wireless access points
- Do not e-mail private data, as messages can be intercepted
- Use Virtual Private Network (VPN) when off-campus for a secure connection
- Find out more about University policy regarding Security Risks of Network Extensions
In the event of a disaster or a security incident, do you know what to do? These events occur unexpectedly, so find out in advance how to respond:
- Report any known or suspected security incident to your management, your local technical support staff, and Northwestern IT's Network Operations Center at (847) 467-NNOC (6662). You can also e-mail firstname.lastname@example.org
- Learn about your school or department's business continuity plans from your dean or department chair
- Make regular system backups and test your system restore function; check with your technical support staff for details
Securing your work environment while working online from home requires some additional consideration—you will be using your home network, and possibly your personal computer. This page provides resources to help you maintain the same security precautions as if you were on campus.
Secure Your Computer and Files
Northwestern IT recommends that you use your University-issued computer. If managed by an IT department, it will have the appropriate software and encryption, and it will automatically receive security patches. Files you receive will be stored safely on this computer.
However, if you must use your personal computer, please follow these guidelines:
Install Antivirus Software
- Microsoft Defender Antivirus is built into Windows 10 and Windows 11
- There are other free or low-cost antivirus solutions (such as Sophos Home, Avira, or Malwarebytes) that are available for both Mac and PC platforms
Maintain Computer Updates and Security Patches
Ensure Your Browser Has the Latest Updates
- Google Chrome
- Mozilla Firefox
- Edge and Apple Safari updates are included with operating system updates
Manage Sensitive Information
Save your files on SharePoint as instructed by your department. This solution is secure and allows you to safely store and access your data with just an internet connection as well as share them with your colleagues. Please do not use the OneDrive desktop client to manage files on personal computers, as this can inadvertently store sensitive data on an unmanaged device.
You can access Microsoft Outlook, Word, Excel, and other Office 365 tools online if you do not have them on your personal computer. Log in at http://msoffice.northwestern.edu with your NetID and password.
Be Alert to Phishing and Other Scams
As so much more of our communications are online, the risk for clicking on a scam email that appears to be from a co-worker is greater. If you do receive an email that seems suspicious, report it to the Northwestern IT Information Security Office.
Create Strong Passwords
- Use strong passwords and do not share passwords between accounts - if a password is compromised, it can't be used elsewhere.
- If you haven’t already done so, please set up Multi-Factor Authentication using the Duo app. This extra layer of password protection is required to access University services and systems, including CAESAR, MyHR, and GlobalProtect VPN.
Use the Northwestern Virtual Private Network (VPN) Service
A VPN is a technology that creates a private, encrypted tunnel for your online activity, making it much more difficult for anyone to watch or monitor what you are doing online. All your online activity goes through this tunnel, then leaves the Northwestern network to your intended destination.
As a best practice, use VPN whenever possible, and especially when you are working with sensitive data. Instructions for the setup and use of Northwestern's VPN can be found in the Northwestern Knowledge Base.
Secure Your Home Network
Almost every home network starts with a wireless (or Wi-Fi) network, enabling all of your devices to connect to the internet. Most home wireless networks are controlled by either your internet router or a separate, dedicated wireless access point. Either way, they work by broadcasting wireless signals to which your devices connect. To secure your wireless network, do the following:
- Change the default administrator password. The administrator account is what allows you to configure the settings for your wireless network. An attacker can easily discover the default password that the manufacturer has provided.
- Only let people you trust connect to your network. Do this by enabling strong network security, which requires a password for anyone to connect to your wireless network. It will encrypt their activity once they are connected.
- Use strong passwords. The passwords used to connect to your wireless network must be strong and different from the administrator password. Remember, you only need to enter the password once for each of your devices, as they store and remember the password. More about passwords.
More information about securing your home network is available from your Internet Service Provider (ISP). Here are some resources from common ISPs: