Skip to Main Content

Information Security at Staffordshire University

Information Polices and guides

Welcome to Information Security At Staffordshire University

Here you will find information about Information  Security, university security policies and other resources.

Why is information security important?

Data held on IT systems is valuable and critical to the business of the University. We all rely on IT to store and process information, so it is essential that we maintain Information Security.

The purpose of information security policies is to preserve, Confidentiality, Integrity and availability is the defending of information from unauthorised access, use , disclosure, disruption, modification, inspection, recording and destruction.

Confidentiality: only accessed by those with the right to do so. 

Integrity: Data can be relied upon and processed correctly.

Availability: That data can be accessed when needed.

Information is critical to the success of any business, protecting information is an essential part of managing information and is a vitally important University asset and we all have a responsibility to make sure that this information is kept safe and used appropriately. 

Data Security @ Staffordshire

What has information Security got to do with me?

At Staffordshire this includes not only our legal responsibilities with respect to data, but also having the highest levels of respect for all information that relates to colleagues, students, research clients and partners.

What are the most common reasons for data security breaches?

Unauthorised access by staff – both accidental and malicious.

Accidental exposure of data online.

Email & attachments

Theft or loss of laptop, mobile device, storage media or briefcase.

How do I keep my personal data safe?

Keep university and your own personal data safe. Here are some examples of how to do that: Never share or reveal your password’s to anybody .Keep them safe. Be careful what information you share on social networking sites such as Twitter, Facebook and LinkedIn.

Does this mean that I have to keep all University data secure?

Yes.
Do not take university  student or staff data away on flash drives, Discs etc.
Do not put university student or staff data in the cloud , like Dropbox, Google docs etc. without reading the terms and conditions of any cloud provider, if data is hacked , they never take responsibility for the loss of that data, but you will!

When sending emails to a group of people, make sure you blind copy recipients. If attaching any documents check there are no personal details in the content, if there are remove them, if in doubt get a colleague to check before you hit the send button.
If you don't know how to do that contact 3800@staffs.ac.uk and they will help you.

Always use your university email address for university business, never use your personal email address.

What about my P.C.

Always lock your P.C. (use Ctrl Alt Delete) even if going to talk to somebody at the other end of your office or when leaving the office.
Shut down your P.C. when leaving the office at the end of the day.

What are the consequences of data loss?

Under the Data Protection Act, the University could be fined with the amount based on the severity of the loss and the type of data involved. The impact on the reputation of the University and harm to individuals could be far worse. From 6th April 2010 the maximum penalty which can be imposed on an organisation by the Information Commissioner’s Office is £500,000.
If you think there has been aa breach report it immediately to the information Protection & Security Manager.

Mobile Device Security

Most mobile devices are always connected to the Internet and hackers are seeing this increasingly as an opportunity. There has been a rise in the number of reported Android and iOS devices. You can help to protect yourself by following some simple steps.

  • Keep software is up-to-date.

    • Make sure that your device is running the latest version of software released by the manufacturer and that all apps are regularly updated, if possible turn on automatic updates of apps.

  • Use a password on your device

  • Don’t mess with the security settings

    • Android, Apple and Blackberry phones are fairly secure out of the box.

  • Think about what you send across public WiFi hotspots

    • When using WiFi every other user on that network has the ability to see your data.

  • Turn off Cookies and Autofill

    • Passwords and personal information stored on devices can be gathered and used by hackers

  • Watch your apps

    • Both Android and Apple apps can be vulnerable. Make sure that you are confident in the developer before downloading and always ensure your apps come from a reputable App store.

  • Know where your device is at all times

    • Don’t leave your device visible on tables in bars or similar.

  • Turn off services when not in use

    • Services such as WiFi and Bluetooth create a line of attack for hackers, turning these services off when not in use limits the possibility of attack.

  • When in doubt, don't respond

    • Fraudulent texting, calling and voicemails are on the rise. Just like email, requests for personal information or for immediate action are almost always a scam.