Protecting Personal Data while Working Remotely

GW is committed to safeguarding the personal data that we collect and manage. 

Working outside the office environment (remote work, telework, working from home) presents several challenges with regards to the privacy and security of the personal data that the university is entrusted with.

As a general rule, personal data of individuals should not be exported into spreadsheets or inserted into emails, instant messages or other forms of transmission. Data should remain in the enterprise systems or applications where it can be securely managed.

Follow best practices for the physical security of your devices

• Beware of your surroundings;
• Guard your devices;
• Practice secure access to your devices and university systems (e.g. strong password, multifactor authentication, etc.);
• Use a screen saver and log out of systems when you are no longer using them; Do not share your GW owned devices with anyone.
• For more details, check the Physical Security Best Practices.

Use Secure Networks

• Secure your home wi-fi network with a strong password.
• Use GW’s Virtual Private Network (VPN).

Use only GW owned/approved devices (computers, mobile devices)

• Use your GW managed devices for University business;
• If you do not have a GW managed device, data should not be downloaded or stored on your personally owned computer or mobile device;
• Further details can be found in GW's Data Protection Guide.

Use only university approved software and applications

Only approved (university contracted) software and applications should be used for storing and managing personal data of individuals. 

Sharing university data with providers of software, platforms, applications or services that are not university-approved (via approved contracts), violates university policies related to privacy and data protection.  Click this link for further guidance.

Follow security and privacy requirements when usng web conferencing tools

• Use only university approved videoconferencing tools. Info on available web conferencing tools at GW: https://it.gwu.edu/web-conferencing
• Do not hold virtual meetings in public spaces (e.g. coffee shop, train, etc.)
• Configure your Virtual Collaboration Tools for privacy

Further details can be found in the Privacy Considerations when using Virtual Meeting and Collaboration Platforms.

Practice Email Security

• Do not use personal (non-GW) email accounts for university business;
• Use email encryption when transmitting personal data of individual externally;
• When emailing internally, personal data should not be send in an attachment. Use GW Box links instead.
• Beware of phishing. (Check GWIT guidance on Cybersecurity Tips & Best Practices)

Do not use public printers / scanners

Personal Data of individuals (GW community members, research subjects, etc.) should never be printed or scanned using non-GW devices (e.g. public printers).

%20privacygwu [dot] edu (Email us) for further guidance.