The following sections explain a bit more about our IT Security and usage policies, giving a simple summary of the main points as well as providing a link to the full policy document.
This policy is about what you can and can’t do when using the University’s equipment or software applications that are made available to you. Below is a quick summary, with further details in the full policy document (link provided at the bottom of this page).
All users of IT systems, services and applications must:
- Respect copyright of all materials and software made available for authorised use
- Adhere to the terms and conditions of all licence agreements related to IT facilities and information, including items loaned to them by the University
- Use the IT facilities and information to further their work, study and/or research. Other uses must be approved by the Director of ISS
- Observe the Computer Misuse Act of August 1990, e.g., hacking or the deliberate introduction of viruses and other malware is a criminal offence except when part of a legitimate teaching course or a legitimate and approved research activity
- Adhere to the provisions of the Data Protection Act 2018 which protects individual data from misuse
- Comply with any instructions around IT facilities, whether displayed onsite or online
- Not put the security of IT services and facilities at risk
- Keep their username and passwords safe and used only by those authorised to do so. (Sharing of same is a criminal offence.)
- Ensure passwords meet the University's Password Policy (see this section)
- Apply security updates
There is important information in the policy offering the definition of inappropriate use, including specific actions that may be unlawful in certain circumstances, such as risking confidentiality, or circumventing firewalls, etc.
Please take a look at the full policy for further information:
You'll probably have plenty of passwords already, but here are some suggestions for keeping your data secure when working on your own laptop.
- Don't re-use your University password on non-University accounts. This will help avoid cyber attacks and help protect you from spam and phishing emails.
- Don't share your password with anyone - IT Service Desk staff will never ask for your password.
- Never write down passwords on a post-it note or piece of paper. If you do need to write them down, have them in a password-protected file, or kept somewhere separate from your laptop.
Reset your password regularly to protect your University access.
Please take a look at the full policy for further information:
The purpose of this policy is to facilitate the protection of the University's information and technology services against compromise of its confidentiality, integrity and availability.
- Confidentiality – a component of privacy that protects our data from unauthorised access or disclosure
- Integrity – maintaining and assuring the accuracy and completeness of data over its entire lifecycle
- Availability – guaranteeing reliable access to information by authorised personnel, when it is needed
What's included?
The policy includes diagrams to explain structures and provides links to supporting policies, as well as outlining roles and responsibilities in supporting the policy.
Example of topics in this policy:
- Risk Management
- Data Security
- Data Privacy Impact Assessment (DPIA)
- Compliance
- Security Incidents
Please take a look at the full policy for further information: