Upload File

data security at queen's

2
DATA SECURITY AT QUEEN’S www.qub.ac.uk/is www.qub.ac.uk/is Essential Information for Staff and Research Students INFORMATION SERVICES What about email? Sensitive data should not be sent by email. If you do need to use email, remember: • Confidential files should be encrypted before being transferred by email • Never use a personal email account for University business • Take care that the recipients of the email are the correct recipients and have the authority to view the data • Never submit login details in response to an email What if I need to work away from the office? Under the Data Protection Act, the University is liable for the loss of data by theft. If you need to take or remotely access data off-campus, remember: • Inform your line manager or supervisor before you take data or equipment off-campus and, if necessary, carry out a risk assessment • Never leave documents, laptops or other devices unattended in public • Do not use your personal computer, laptop or mobile device to store restricted data • Sensitive data stored on a University laptop or mobile device must be encrypted • Encrypted USB devices are available to purchase from the Computer Shop in The McClay Library • Install theft recovery/protection software onto laptops and mobile devices • Public wireless networks are less secure than the University’s network environment • When connecting remotely, ensure that your device is password protected and has an active firewall and up-to-date anti-virus software • Report the loss of any device containing sensitive data IMMEDIATELY to Information Services by emailing [email protected] • Protect smart phones/tablets with a PIN What do I do if something goes wrong? If something happens that could lead to personal or confidential information getting into unauthorised hands, or if you have ANY concerns about data security or suspect that a breach may have occurred: • Inform your line manager or supervisor immediately, identifying the nature of the breach and the type of data involved • Take any immediate steps you can to close the breach and minimise the potential impact • Contact Information Services by emailing [email protected] For more information about data security, including the University’s acceptable use and information security policies, visit: http://go.qub.ac.uk/itpolicies Advice on the transfer of data, encryption and the secure erasure of data is available from Information services staff or from School-based Computing Officers. Search for ITQUB

Upload: helen-dixon

Post on 21-Jul-2016

236 views

Category:

Documents


5 download

Report

DESCRIPTION

Guidance for staff and research students on protecting data and sensitive information.

TRANSCRIPT

Page 1: Data Security at Queen's

DATA SECURITY AT QUEEN’S

www.qub.ac.uk/is www.qub.ac.uk/is

Essential Information for Staff and Research Students

INFORMATION SERVICES

What about email?Sensitive data should not be sent by email. If you do need to use email, remember:• Confidentialfilesshouldbeencryptedbeforebeingtransferredbyemail• NeveruseapersonalemailaccountforUniversitybusiness• Takecarethattherecipientsoftheemailarethecorrectrecipientsandhavethe authority to view the data• Neversubmitlogindetailsinresponsetoanemail

What if I need to work away from the office?Under the Data Protection Act, the University is liable for the loss of data by theft. If you needtotakeorremotelyaccessdataoff-campus,remember:• Informyourlinemanagerorsupervisorbeforeyoutakedataorequipmentoff-campus and, if necessary, carry out a risk assessment• Neverleavedocuments,laptopsorotherdevicesunattendedinpublic• Donotuseyourpersonalcomputer,laptopormobiledevicetostorerestricteddata• SensitivedatastoredonaUniversitylaptopormobiledevicemustbeencrypted• EncryptedUSBdevicesareavailabletopurchasefromtheComputerShopinThe McClay Library• Installtheftrecovery/protectionsoftwareontolaptopsandmobiledevices• Public wireless networks are less secure than the University’s network environment• Whenconnectingremotely,ensurethatyourdeviceispasswordprotectedandhasan activefirewallandup-to-dateanti-virussoftware• ReportthelossofanydevicecontainingsensitivedataIMMEDIATELYtoInformation [email protected]• Protectsmartphones/tabletswithaPIN

What do I do if something goes wrong?Ifsomethinghappensthatcouldleadtopersonalorconfidentialinformationgettingintounauthorisedhands,orifyouhaveANYconcernsaboutdatasecurityorsuspectthatabreach may have occurred:• Informyourlinemanagerorsupervisorimmediately,identifyingthenatureofthe breachandthetypeofdatainvolved• Takeanyimmediatestepsyoucantoclosethebreachandminimisethepotentialimpact• [email protected]

Formoreinformationaboutdatasecurity,includingtheUniversity’sacceptableuseandinformationsecuritypolicies,visit:http://go.qub.ac.uk/itpolicies

Adviceonthetransferofdata,encryptionandthesecureerasureofdataisavailablefromInformationservicesstafforfromSchool-basedComputingOfficers.

SearchforITQUB

Page 2: Data Security at Queen's

What has data security got to do with me?AsanemployeeoraresearchstudentatQueen’s,youmayneedtoworkwithsensitivedata,includinginformationaboutresearch,studentsandstaff.Youhavearesponsibilitytoprotecttheconfidentialityandintegrityoftheinformationthatyouaccess.Ifyoudon’tthinkcarefullyabouthowyoustoreandusedata,youcouldfindyourselfinvolvedindisciplinaryactionorlegalproceedings.

What kind of data are we talking about?Information which needs to be carefully handled may include:• Datarelatingtoindividualssuchasstaff,studentsorresearchsubjects• Informationgiveninconfidence• Financial information• Detailsofresearchactivityorintellectualproperty• Informationrelatingtoexamsorassessment• AnyotherinformationnotintendedforthepublicdomainIfyouareuncertainaboutwhetherthedatayouareworkingwithisconfidential,checkwithyourlinemanagerorsupervisor.

What can go wrong?ResearchhasshownthatdatabreachesinHigherEducationareoftendueto:• Unauthorised access to data (both deliberate and accidental) by staff or other individuals• Confidentialorpersonalinformationbeingaccidentallymadeavailableonline• Thetheftorlossofdocumentstakenoutoftheoffice• Thetheftorlossofalaptop,mobiledeviceorstoragedevice(suchasaUSBdrive)

TheUniversity’spoliciesandregulationsregardingacceptableuseandinformationsecuritycanbefoundat:http://go.qub.ac.uk/itpolicies

What can I do to protect the data that I use at work?Thereareseveralsimplestepsthatyoucantaketoprotectyourpersonaldetailsandanydatathatyouareworkingwith.Remember:• Createstrongpasswordsthatuseacombinationofletters,numbersandsymbols• Useuniquepasswordsforeachaccount• Neverrevealyourpasswordstoanyone• Passwordprotectsensitivedocumentsandstorethemonasecurenetworkdrive• UseCtrl+Alt+Deltolockyourworkstationbeforeleavingyourdesk• Keepconfidentialdocumentslockedinafilingcabinetordrawerwhennotinuse• Lockyourofficedoorifthereisnobodythere• Familiarise yourself with the University’s Data Protection Policy

Remember that data in your possession is your responsibility!Don’twaitforsomethingtohappenbeforethinkingaboutdatasecurity–takestepstoprotectyourdataandyourhardwaretoday!

Impact onindividuals

Damage to University’s reputation

Fines of up to

£500,000

DATA SECURITY BREACH

Staff and students should report data security incidents or threats IMMEDIATELY to their line manager or

supervisor and email [email protected]


Vormetric Data Security Platform · 2018-01-11 · 2_ VORMETRIC DATA SECURITY PLATFORM As devastating security breaches

Getting Started - Web Security, Email Security, Data Security

Tech Data 2011 Application and Data Security Sales … Data Application and Data Security Sales Playbook Tech Data 2011 Application and Data Security Sales Playbook: How to build security

Inquiry @ Queen's

Queen's Law Research Reports 2014 - Queen's Faculty of Law

Data Privacy & Data Security

Research Data Management - Queen's University...• Writing a Data Management Plan • Funding Agency Guidelines • Metadata • Data Repositories & Archives • Citing Data • Best

Running head: DATA BACKUP SECURITY DATA BACKUP SECURITY: BEST

SECURITY THREATS AND CONTROLS Data security core principles€¦ · SECURITY THREATS AND CONTROLS Data security core principles The three core principles of data security/information

Title Calendar for Queen's College, Galway Queen's College

Queen's Rover

Queen's Jubilee

Queen's EngParent

Queen's Law Reports Online - April 2015 - Queen's Faculty of Law

Queen's and Lord Treasurer's Remembrancer - ebury.pdf · Queen's and Lord Treasurer's Remembrancer

Data Security The Best Data Security In The Industry

STATE GOVERNMENT DATA PRIVACY€¦ · DATA SECURITY/DATA DISPOSAL LAWS Data Security Laws Reasonable security practices appropriate to the nature of data Specific practices –security

QUEEN'S MINER

Playing the Queen's Gambit - A Grandmaster Guide 1.d4 The Queen's Gam… · Games/Chess Playing the Queen's Gambit — A Grandmaster Guide By Lars Schandorff The power of the Queen's

ORACLE DATA SHEET · ORACLE DATA SHEET . ORACLE DATA SHEET . Compliance Framework Summary Framework Corporate Security Framework Database Security Host Security Weblogic Security

Queen's Law Viewbook 2016 - Queen's University, Kingston, Ontario

Enactus Queen's (previously SIFE Queen's) - Financial Literacy Project Presentation 2010

Data Sheet Vormetric Data Security Platorm Vormetric Data ... · Vormetric Data Security Platorm Vormetric.com Vormetric Data Security Manager The Vormetric Data Security Manager

Queen's list

Queen's Common University Data Ontario (CUDO) …...Source: Official government enrolment data. Queen's University: Common University Data 2017 B1 ‐ Applicants and Registrants by

Queen's Day

Deployment Guide - Web Security, Email Security, Data Security

Queen's Crown

Data security

Approaches to National Security - Queen's U

Software Development DATA SECURITY. Data Security What is data security? Procedures & equipment to protect data Consequences of not protecting

Clustered Data ONTAP Security Guidance - cStorcstor.com/.../06/NetApp_Clustered-Data-ONTAP-Security-Guidance_S… · Clustered Data ONTAP Security Guidance Recommendations for Security

CANADA AND HEMISPHERIC SECURITY - Queen's University€¦ · security stephen j. randall frsc. director institute for us policy research/school of public policy, university of calgary

PERSONAL PROPERTY SECURITY ACT - Alberta Queen's Printer:

Research Data Management - Queen's University€¦ · Jeff Moon Data & Government Information Librarian Academic Director, Queens Research Data Centre Research Data ManagementAuthors: