Working Securely when away from Carlow College
- Mobile devices and laptops can present a serious security risk if lost or stolen. Make sure to keep your devices with you and in sight at all times when travelling and hybrid working and never leave them unattended in public locations or visible in cars.
- Mobile devices such as phones and tablets should be protected by an auto-locking pin at all times.
- You should ensure that you lock your laptop screen when taking a break or finishing work for the day.
- At home, lock devices securely away when not in use and avoid accidental damage by keeping devices out of reach of children or pets.
- Staff should not share devices, which are being used to store sensitive College data with other family members or friends.
Staff should ideally work on computers and devices provided by the College and securely managed by IT Services. Where a staff member is using a device not managed by IT Services, they should at a minimum, ensure that any laptop or desktop computer that is used to work on College data is:
- Protected by McAfee Anti-Virus software or equivalent software and that it is up-to-date and working correctly. This will protect your computer and data from viruses, malware and ransomware.
- Running an up-to-date operating system with all security updates applied to make sure it is not vulnerable to attacks.
- Avoid retaining duplicate copies of data. Check that downloaded files are deleted from your computer’s Download Folder / Hard Disk once saved to OneDrive / Teams or SharePoint / Network folders and not retained on devices where they may be visible to unauthorised individuals.
- Only use an up-to-date operating system with all security updates applied to make sure it is not vulnerable to attack.
- Do not use computers running Windows 7 for work purposes, including accessing Office 365.
- Guard your passwords and always change them if you suspect that they have become known to others.
- IT Services advise against using public computers / laptops such as in cafes or hotel foyers to access Carlow College services or data.
- IT Services has the capability to loan, on a temporary basis a laptop to a user requiring access to onsite network services. These designated loaner laptops must be requested/booked and are reset to factory default settings on return before reallocation to the next user.
The Virtual Private Network (VPN) service allows Carlow College staff to make a secure, encrypted connection to the Carlow College data network from a remote location.
If working remotely, you will only need a VPN to access the following services:
- To receive Windows security updates remotely, you are required to be connected to the VPN for at least one hour each working day.
- Network files and file storage
- You will not need a VPN to access lots of other services that are hosted in the ‘cloud’. An example would be your email, OneDrive, Teams, Moodle, Turnitin, etc.
- VPN is only available to be setup on Carlow College-owned computers that are networked and fully compliant with our network security policies including being added to the COLLEGE domain.
- If you believe you need the VPN, please contact email@example.com.
All Carlow College Staff are provided with an official Carlow College email account with Microsoft Office 365, which you can access, using your web browser or Outlook app. Once logged in from the browser click on Outlook to view your mail and calendar.
As part of Office 365, all staff have access to Microsoft’s cloud-based file storage, OneDrive. Working with OneDrive feels the same as working with the files stored locally on your computer, except the changes you make are instantly saved online, and can be viewed and edited in real time by anyone you share the document with, allowing for collaboration with colleagues.
Teams is a collaboration app available through Office 365, which has been designed for groups of people who work together regularly. Its greatest benefit is instant communication amongst the group and the ability to share information and files easily all in one centralised place. Finally, Staff should report any suspicious activity to firstname.lastname@example.org for investigation.