Data Security at Queen's
-
Upload
helen-dixon -
Category
Documents
-
view
234 -
download
5
description
Transcript of Data Security at Queen's
![Page 1: Data Security at Queen's](https://reader033.fdocuments.in/reader033/viewer/2022042618/5790541b1a28ab900c8f1d25/html5/thumbnails/1.jpg)
DATA SECURITY AT QUEEN’S
www.qub.ac.uk/is www.qub.ac.uk/is
Essential Information for Staff and Research Students
INFORMATION SERVICES
What about email?Sensitive data should not be sent by email. If you do need to use email, remember:• Confidentialfilesshouldbeencryptedbeforebeingtransferredbyemail• NeveruseapersonalemailaccountforUniversitybusiness• Takecarethattherecipientsoftheemailarethecorrectrecipientsandhavethe authority to view the data• Neversubmitlogindetailsinresponsetoanemail
What if I need to work away from the office?Under the Data Protection Act, the University is liable for the loss of data by theft. If you needtotakeorremotelyaccessdataoff-campus,remember:• Informyourlinemanagerorsupervisorbeforeyoutakedataorequipmentoff-campus and, if necessary, carry out a risk assessment• Neverleavedocuments,laptopsorotherdevicesunattendedinpublic• Donotuseyourpersonalcomputer,laptopormobiledevicetostorerestricteddata• SensitivedatastoredonaUniversitylaptopormobiledevicemustbeencrypted• EncryptedUSBdevicesareavailabletopurchasefromtheComputerShopinThe McClay Library• Installtheftrecovery/protectionsoftwareontolaptopsandmobiledevices• Public wireless networks are less secure than the University’s network environment• Whenconnectingremotely,ensurethatyourdeviceispasswordprotectedandhasan activefirewallandup-to-dateanti-virussoftware• ReportthelossofanydevicecontainingsensitivedataIMMEDIATELYtoInformation [email protected]• Protectsmartphones/tabletswithaPIN
What do I do if something goes wrong?Ifsomethinghappensthatcouldleadtopersonalorconfidentialinformationgettingintounauthorisedhands,orifyouhaveANYconcernsaboutdatasecurityorsuspectthatabreach may have occurred:• Informyourlinemanagerorsupervisorimmediately,identifyingthenatureofthe breachandthetypeofdatainvolved• Takeanyimmediatestepsyoucantoclosethebreachandminimisethepotentialimpact• [email protected]
Formoreinformationaboutdatasecurity,includingtheUniversity’sacceptableuseandinformationsecuritypolicies,visit:http://go.qub.ac.uk/itpolicies
Adviceonthetransferofdata,encryptionandthesecureerasureofdataisavailablefromInformationservicesstafforfromSchool-basedComputingOfficers.
SearchforITQUB
![Page 2: Data Security at Queen's](https://reader033.fdocuments.in/reader033/viewer/2022042618/5790541b1a28ab900c8f1d25/html5/thumbnails/2.jpg)
What has data security got to do with me?AsanemployeeoraresearchstudentatQueen’s,youmayneedtoworkwithsensitivedata,includinginformationaboutresearch,studentsandstaff.Youhavearesponsibilitytoprotecttheconfidentialityandintegrityoftheinformationthatyouaccess.Ifyoudon’tthinkcarefullyabouthowyoustoreandusedata,youcouldfindyourselfinvolvedindisciplinaryactionorlegalproceedings.
What kind of data are we talking about?Information which needs to be carefully handled may include:• Datarelatingtoindividualssuchasstaff,studentsorresearchsubjects• Informationgiveninconfidence• Financial information• Detailsofresearchactivityorintellectualproperty• Informationrelatingtoexamsorassessment• AnyotherinformationnotintendedforthepublicdomainIfyouareuncertainaboutwhetherthedatayouareworkingwithisconfidential,checkwithyourlinemanagerorsupervisor.
What can go wrong?ResearchhasshownthatdatabreachesinHigherEducationareoftendueto:• Unauthorised access to data (both deliberate and accidental) by staff or other individuals• Confidentialorpersonalinformationbeingaccidentallymadeavailableonline• Thetheftorlossofdocumentstakenoutoftheoffice• Thetheftorlossofalaptop,mobiledeviceorstoragedevice(suchasaUSBdrive)
TheUniversity’spoliciesandregulationsregardingacceptableuseandinformationsecuritycanbefoundat:http://go.qub.ac.uk/itpolicies
What can I do to protect the data that I use at work?Thereareseveralsimplestepsthatyoucantaketoprotectyourpersonaldetailsandanydatathatyouareworkingwith.Remember:• Createstrongpasswordsthatuseacombinationofletters,numbersandsymbols• Useuniquepasswordsforeachaccount• Neverrevealyourpasswordstoanyone• Passwordprotectsensitivedocumentsandstorethemonasecurenetworkdrive• UseCtrl+Alt+Deltolockyourworkstationbeforeleavingyourdesk• Keepconfidentialdocumentslockedinafilingcabinetordrawerwhennotinuse• Lockyourofficedoorifthereisnobodythere• Familiarise yourself with the University’s Data Protection Policy
Remember that data in your possession is your responsibility!Don’twaitforsomethingtohappenbeforethinkingaboutdatasecurity–takestepstoprotectyourdataandyourhardwaretoday!
Impact onindividuals
Damage to University’s reputation
Fines of up to
£500,000
DATA SECURITY BREACH
Staff and students should report data security incidents or threats IMMEDIATELY to their line manager or
supervisor and email [email protected]