Skip to main content

Remote Work Security Best Practices

The following are security guidelines for those working at least partly off campus. For more information about technology and hybrid/remote work, see the Hybrid & Remote Work Guide.

General Security Agreement

Employees agree to protect college-owned equipment and information from unauthorized or accidental access, use, modification, destruction or disclosure and will report any breaches immediately to their supervisor and the appropriate College entity.

Your Work Computer

Employees should use approved, college-issued LITS-managed computers when conducting MHC work (both on and off campus).

Security-Minded Device Settings:

Note that LITS configures your MHC computer to comply with these settings.

  • Computer screen lock: A screen lock prevents unauthorized access to your device. It is recommended on college-issued laptops and personal computers. Screens should be set to lock and require a password after a short period of inactivity. If walking away from your computer, even for a few minutes, it is best to lock your screen. To lock your screen manually on Windows, use the key combination Windows + L. To lock on MacOS, use Command + Control + Q. 
  • Security updates: Make sure to regularly install operating system patches, browser updates, and application patches, (e.g.: Zoom). 
  • Operating Systems: Only use a computer running an operating system that is currently supported by the vendor and recommended by LITS: Windows 10 or MacOS 12 and later.
  • External Media: To protect MHC data and adhere to information security best practices, use of external media (such as USB flash drives or external hard drives) will be restricted by default on machines that will be used for remote work. Exceptions will be handled on a case-by-case basis.

Home router/wifi 

Your home router should have the latest firmware updates installed and the default router password should be changed. The wireless security should also be configured using WPA2 or WPA3. LITS recommends working with your internet service provider to ensure these recommendations are met.


Some campus systems (ex. Colleague, AMBR, Avaya Softphone, etc) require that you are connected to the campus network. When you’re working remotely that means you’ll need to connect to the MHC VPN.

LITS also recommends you use the VPN whenever accessing college data, including data in Google Docs and email to name a few. This allows you to take advantage of the security built into our campus firewall. 

For more information on use and installation of Mount Holyoke’s VPN visit the LITS VPN Page.

Remote Desktop 

Some work requires applications or systems only available from college desktop/laptop machines. Once a VPN connection has been established, you may remotely connect to your office computer. 

Data Handling 

Avoid downloading college data to your personal computer. Please let the Technology Help Desk know if downloading college data is part of your workflow and you do not have a college issued computer at this time.

Read and adhere to all MHC IT and Information Security Policies, including but not limited to the Data Classification policy and file storage guidelines when working with MHC Data remotely.