Working from Home or Remotely

• Only remove information from the office that is essential to carry-out your job duties.
• If possible, take copies of physical records and leave the originals in the office.
• Store physical records in a locked filing cabinet or desk drawer that you have sole access to.
• Unattended documents on a printer or desk at home could lead to a data breach of personal or confidential business information.
• Upon returning to the office, return records to their original storage place as soon as possible and destroy copies securely by shredding them.

• Do not leave your laptop/computer screen unattended. Lock screen or logoff your work session.
• Do not share a laptop/computer used for work with family members and/or friends.
• Do not use your personal email as a means to transfer records containing personal or confidential information for work purposes.
• When using video conferencing:
  • Users must get permission to record a video conference from everyone on the call. The intention of such recordings should be for note-taking only. If recording for other purposes all attendees should be notified about that purpose and give their permission for that recording.
  • Personal or sensitive business information should not be discussed in public places or spaces that may include other members of your household.
  • Any visible personal or confidential data must be removed from camera view.
  • Cameras and microphones should be turned off when not in use.
  • Review the Best Practices for Online Meetings and Classes webpage.
• Encrypt any electronic device that you use to store TRU information (personal or confidential business information). This includes, but is not limited to, home computers, USB flash sticks, and laptops. Contact the IT Service desk if you need assistance.
• Securely remove all TRU information from a personal computer once it is no longer needed.

If TRU records or personal devices containing TRU information/records are lost or stolen, immediately notify your supervisor and report the loss by email: infosecurity@tru.ca or privacy@tru.ca.

• When connecting to TRU resources outside the office, use a VPN connection.  If you are uncertain about how to use the VPN, please contact the IT Service desk for assistance.
• Do not accept software updates that are triggered from a website or email, such as Java or Adobe Flash.
• Store your electronic device(s) in a secure location when transporting or travelling (e.g. trunk of a car).
• If using a home computer, ensure that your anti-virus/malware detection software is up-to-date, and you have applied TRU information security standards to your computer/device.
• Avoid using public charging stations (i.e. where a charging dock or cable is already provided), such as on a ferry or in an airport, as these are not considered safe for use, and may infect your device with a virus or malware.

Many attempted phishing and ransomware attacks appear in your inbox looking like an email from a person or service that you trust. If it looks unusual, feels unexpected, has any typos, or it just seems “odd”, then do not click any of the links.

One way to verify the link before you click it is to hover over a hyperlink in your inbox, without clicking. When you hover over a hyperlink, you’ll see the target URL in the lower-left corner of your browser or in a small pop-up in your email. Forward any unusual or suspicious email to infosecurity@tru.ca.

Recently, TRU has seen many malicious attempts that use COVID-19 subject matter as a means to get people to act. There have been attachments and links that claim to be from medical services indicating people may have come in contact with someone known to be infected with COVID-19. Be extra vigilant concerning these types of email messages and forward them to infosecurity@tru.ca.