Policies, codes of practice, standards and procedures for protecting University information.
Within the University, we have implemented a suite of information and information technology policies, codes of practice, standards and procedures for protecting University information. These are collectively referred to as the IT Policy Implementation Framework, and have been designed to increase information assurance and security along with ensuring legal compliance. To condense and simplify policy elements required by the majority of staff, a Staff Information Handbook has been produced, and is available to staff on-line at:
Please familiarise yourself with this Staff Information Handbook and apply the guidance so that we can all enjoy the benefits of safe electronic working practices and comply with our legal obligations.
Information Assurance (IA)
Information Assurance encompasses:
- a confidence in information systems that they will protect information they handle
- a confidence that information systems will function appropriately under the control of approved staff and when required to do so.
IA is the term commonly used to describe the availability, confidentiality and integrity of electronic information, whether it is data, text, static or moving images, or any other electronic form.Today most information will find its way into an electronic form whether for storage, processing or transmission or a combination of these activities.Paper-based information once input into to a computer system, becomes digital in form and it may therefore be readily amended, destroyed or transmitted, for example by e-mail.
Through the provision of appropriate policies and practices including the use of suitable security products ISD seeks to promote the importance of IA to academic staff, researchers, administrative staff and students.In so doing we must achieve an assurance that electronic information is available to those who have authority to use it and also adequately protect the information from unauthorised change or dissemination.
Information Services has introduced several technologies to aid Information Assurance:
University Laptops often carry documents which are sensitive, for commercial, Data Protection Act or other reasons. Using a secure, encrypted laptop helps protect you and the University from the consequences should your laptop be stolen or lost: Think 'Protect'. It is University policy that University laptops are encrypted.
The University appreciates that access may be required to the corporate ICT network and services when staff and 3rd parties are working remotely in order to support business needs. However, the mechanism by which this is provided must be securely managed with full auditing in order to meet IT Security standards, protecting sensitive information on the corporate network.
Information Services have developed the Secure Remote Access Service (SRAS), which provides users with a multi-layered approach to remote access, from secure web-based connection, to Active Directory (AD) server file sharing, to the ability to remotely access staff University Workstations.