Information security is critical to business operation, and policies, practices and training to raise awareness relating to its management are key tools in addressing risk.
TrainingThe University faces considerable challenges in safeguarding the information generated by each department and School. Although technical solutions implemented by ITCS go some way to protect the University, individual staff members need to be aware of the simple measures they can take to improve information security and avoid damaging and costly data losses.
GuidanceFurther information on information security is available from the following links.
- Key points
- Lost or stolen devices
- Mobile device security
- Encrypt a file using 7Zip
- Disposal of IT equipment and media
- 20 ways to keep your internet identity safe from hackers [Guardian article]
- Safer smartphones - a guide to keeping your device secure [ICO guidance]
Information security policiesThese information security policies are designed to highlight, address, and mitigate for risks associated with information loss, theft or corruption. Specific policies highlight the approach to handling risks, whereas other policies enable risks to be exposed.
- Summary of changes policy review 2012
- High level information security policy
- General information security policy
Further informationAdditional resources and information are listed below:
- Janet CSIRT (Computer Security and Incident Response Team) monitor and resolve any security incidents on the Janet network
- UCISA Information Security Toolkit supports HEIs in producing information security policies
- Contact the ISD information security team at firstname.lastname@example.org.