USPS Procedures And Policies For Telework And Travel
September 30, 2016
Your security comes first
At USPS we take our cyber security responsibilities seriously. Protecting the data of our customers, partners, vendors and suppliers is paramount. To help keep this information secure and protected, we have implemented comprehensive telework and travel policies and procedures for avoiding physical and cyber breaches.
USPS® employees follow multiple policies to avoid putting suppliers’ data at risk.
Follow security guidelines, only use secure Wi-Fi networks and keep data backed up.
Postal Service™ travel and telework procedures
Since business travel and telework are a common part of USPS employees’ work life, we’ve instituted the following guidelines for these employees to follow whenever working off-site:
- Use only approved computer hardware and software
- Use only approved remote access services such as the virtual private network (VPN) or point-to-point protocol (PPP)
- Protect (via locked cabinet or closet) assigned Postal Service devices
- Disconnect from the Postal Service intranet before establishing alternate or additional connections to any network such as the Internet
- Use two-factor authentication (e.g., token) for access to payment cardholder data
- Do not allow family members or guests to use your Postal Service computing devices
- Secure laptops at all times
- Ensure laptops are not left unattended in public places
- When traveling by car, stow laptops in the trunk or some other area where it will not be easily seen or attract attention
- When traveling by air or train, keep laptops as carry-on luggage
- For travel to high-risk areas, employees are not permitted to use standard issue laptops and device. Loaners devices are supplied
Cyber security tips for travelers and remote workers
Following these guidelines can help keep data and devices safe:
- Use a VPN – Virtual private networks (VPNs) establish a secure, encrypted connection between the user’s computer and the Internet or two endpoints like a remote worker’s computer and a corporate network.
- Update your software – Make sure all of your devices’ software and operating systems have been updated with the latest security patches.
- Back up your information – Back up your contacts, photos, videos and other information on your devices before you travel.
- Keep devices secure – Enable the lock screens of your devices so they require a pass code to unlock—even if you only step away for a few minutes. Never leave your devices (including any USB or external storage drives) unattended in a public place.
- Turn off auto-connect – Disable the auto-connect function for both Wi-Fi and Bluetooth.
- Think before you connect – Before you connect to any open Wi-Fi hotspot like on an airplane or in an airport, hotel, train/bus station or café be sure to confirm the name of the network and exact log-in procedures with appropriate staff to ensure that the network is legitimate. Do not conduct sensitive activities, such as business purchases, banking or sending sensitive data while using a public Wi-Fi network. Conduct your business using your mobile phone’s network instead of Wi-Fi.
- Use “https:” – Only provide information to sites that begin with “https://” when online via an open Wi-Fi hotspot.
- Think before you click – Use caution when downloading unknown documents and images, or clicking on any unknown links.
- Be suspicious – Delete emails that are suspicious or are from unknown sources, especially emails requesting personal information.
- Create your own hotspot – Many cell phones can be used as Wi-Fi hotspots that rely on your cell phone carrier’s network to connect your laptop/ other devices to the Internet, instead of open, public Wi-Fi.
- Enable Wi-Fi hub security – When using a home Wi-Fi hub for networking, make sure that you reset the factory password and enable its security features.