Secure Communication and Telecommuting

last modified 2007-09-25 12:12

Telecommuting and transmitting files have become far more complex due to the recent realities of identity theft, distribution of personal information, and theft of research through "corporate" spying. Though most of the information we send over the Internet is not confidential or critical, without the appropriate precautions your information, including netids and passwords, can be sent in clear text, allowing anyone to read it.

The FBI reports that identity theft is the fastest growing crime in the US. In addition to protecting university information, your password should also be protected. Passwords that are sent in clear text are at risk of being stolen. After all, lost or shared passwords provide others with an entry to your accounts: email, financial, work, and others. If someone else has your password, they can pose as you in important transactions.

It's best to use more than one complex password for your accounts. The single sign-on password is convenient, but that one password might just compromise all of your accounts if it's the only one you're using. Having a different complex password for each of your important/critical accounts (financial, medical, pharmacy, etc.) provides better security.

To secure your computer for telecommuting:
Use the Cisco VPN Client when connecting to RUNet remotely (see VPN below)
Make sure the address of any website where you supply confidential information begins with HTTPS
Use different complex passwords for each of your personal/private accounts
Never send confidential information in email

The following methods for secure computing are recommended and supported by the university:


HTTPS (aka SSL)

HTTP is a communication protocol used to transfer or convey information on the Internet. HTTPS adds a layer of encryption and authentication to HTTP for security-sensitive communication such as payment transactions. When you send information such as a credit card number or personal information over the Internet, the URL should read "https://..." You can also click on the lock icon to check that the site's security certificate identifies the site as who it says it is.

File Transfer:  Secure File Transfer Protocol (SFTP)

Secure File Transfer Protocol is a secure version of the File Transfer Protocol (ftp) used to transfer files between UNIX servers. 

Remote Access UNIX:  The Secure Shell Protocol (SSH)

The Secure Shell Protocol (SSH) allows users to connect to a remote server or machine from another machine or personal computer via an encrypted connection. Using this protocol, netids and passwords are transmitted through an encrypted connection to prevent network snooping or "sniffing" of passwords via traditional, non-secure network connections. A secure copy program, known as "scp," accompanies SSH and allows for a file to be copied securely from a remote machine to a local machine (or vice versa). The university uses SSH for network email.  Please note that non-public personal information (NPPI) or critical information should never be sent through email.

Remote Access Windows: Secure Software

A variety of software packages provide secure remote access for Windows. Please realize that they must be configured to communicate securely, and usually must be purchased.

Virtual Private Network (VPN)

Remote-access VPNs permit secure, encrypted connections between your remote computer and RUNet. The difference between an encrypted transmission and an unencrypted one can be life altering. Therefore, the university strongly suggests using VPN software that encrypts your transmissions. Currently the only software the university supports that fully encrypts your remote transmissions is the Cisco Client; the Windows VPN client does not fully encrypt transmissions.

Without a VPN, your transmission is viewable by anyone with a desire to steal the information you are transmitting from your computer. If your information is personal, they have the ability to steal your identity for criminal purposes, view your health records, check out your personal life, get into your bank accounts, etc. Damages of this kind are expensive and heartbreaking.

If your information is of a work-related confidential nature and your computer, laptop, or mobile device holds the personal information of others, hackers have the ability to steal the identities of those whose information you are maintaining, making the university liable for damages and for any notifications that may have to be made in compliance with identity theft laws. Compromises of this nature are reputation damaging and expensive to resolve, if resolution of this kind is even possible.

If your information is of a work-related sensitive/research nature, hackers have the ability to steal the information for personal or financial gain by selling the information to the highest bidder, in violation of patent and copyright laws.  Theft of this nature damages the university, and especially faculty and students who have worked and researched toward a goal that may never be recognized.  Damages are priceless for research that may have been licensed, only to have been stolen for corporate gain.

Use the (university supported) Cisco VPN client to ensure that your transmissions are fully encrypted.
Cisco VPN Client

The following methods are not secure and should not be used for transmitting confidential or critical information:

File Transfer Protocol (FTP)

FTP does not support encryption or secure authentication, so the university does not recommend its use. Rutgers University is a research institution, and it is very likely that sensitive data may be transferred over the Internet around the world. For this reason, we emphasize the use of a virtual private network (the Cisco VPN Client), which is available through the university and should be used in departments.

HTTP

HTTP is used by authors and users of web pages and browsers to publish and retrieve information on the Internet. HTTPS was developed in response to requests for encryption where confidential information is involved.

Telnet

Telnet is used mostly on UNIX systems for remote access to a command line. The university has replaced Telnet with SSH for remote access.
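
An added example (not part of the original page): a small Python check that scans text such as scripts, bookmark exports or documentation for URLs using the protocols listed above as not secure, names the replacement this page recommends, and flags a password embedded in a cleartext URL. The hostnames, account name and password in the sample are constructed.

```python
import re
from urllib.parse import urlsplit

# Schemes this page lists as not secure, mapped to the replacement it recommends.
CLEARTEXT = {"ftp": "sftp", "http": "https", "telnet": "ssh"}

URL_RE = re.compile(r"\b(?:ftp|http|https|sftp|ssh|telnet)://[^\s\"'<>]+", re.I)


def audit(text):
    """Return one finding per URL in `text` that uses a cleartext protocol."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in URL_RE.finditer(line):
            url = match.group(0).rstrip(".,;)")  # drop trailing punctuation
            parts = urlsplit(url)
            scheme = parts.scheme.lower()
            if scheme not in CLEARTEXT:
                continue  # https, sftp and ssh are encrypted in transit
            findings.append({
                "line": lineno,
                "host": parts.hostname,
                "scheme": scheme,
                "use_instead": CLEARTEXT[scheme],
                # user:password@host sends the password over the wire unencrypted
                "password_in_url": parts.password is not None,
            })
    return findings


# Constructed sample: lines such as might appear in a script or bookmark export.
SAMPLE = """\
backup: ftp://jdoe:Winter2007@files.example.edu/home/jdoe
portal: https://portal.example.edu/login
console: telnet://unix1.example.edu
copy: sftp://jdoe@files.example.edu/home/jdoe
grades: http://grades.example.edu/submit
"""

if __name__ == "__main__":
    for f in audit(SAMPLE):
        note = " (password embedded in URL)" if f["password_in_url"] else ""
        print(f"line {f['line']}: {f['scheme']}://{f['host']} -> "
              f"use {f['use_instead']}{note}")
```

Any password the check reports as embedded in a cleartext URL should be treated as exposed and changed.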



