Information Security

Minimum, and required reading

Policies setting out the ground rules which we all must comply with.

The Computing Regulations

These Regulations govern the use of University computing and network facilities by authorised users. This includes staff, students and visitors.  

They apply to all services operated by, or on behalf of the University. They also include the use of personally owned devices, remote networks and services.

Private use is permitted too, but don't overdo it

The Regulations recognise, though computing facilities are for work related activity, private use is permitted. This is so long as it does not impact staff employment responsibilities or student education (and of course, does not break the Law).

The Regulations forbid any use that is illegal or brings the University into disrepute.  This includes excessive 'private use'.  Breach of the Regulations is a disciplinary offence.

The Computing Regulations

The Information Security Policy

The information security policy details how everyone is responsible for protecting University information. It states how we ensure that the confidentiality, integrity and availability is maintained.  It covers the need to take account of: physical security, business continuity and technical requirements.

The Information Security Policy

Relevant laws

The most relevant laws are about Data Protection and Freedom of information.  For Data Protection there are five key points that every member of staff should know.

Five key points

University Records Management provide introductory guidance on Data Protection and Freedom of Information:

What is data protection?

What is freedom of information?

These links are a good introduction to the Laws, and provide further links into the Laws themselves.