Contact Details

Head of Information Assurance
University of Worcester
Henwick Grove
Worcester  WR2 6AJ

Email: infoassurance@worc.ac.uk

Tel: 01905 855014

Information Security

The secure processing and management of information and data, personal and non-personal, underpin the University's activities and are essential to its teaching, research and administrative functions. 

It is essential that all members of the University, staff and students, play their part in safeguarding the availability, integrity, confidentiality and authenticity of the information they hold or access. The misappropriation of University information not only has the potential to cause reputation damage and disruption to the University's business but may also expose the organisation to the risk of legal sanctions. Additionally and importantly the loss or inadvertent disclosure of personal information can cause a signficiant amount of distress to the people whose infomation is affected.

The University's Information Security Policy provides a framework for the management of information security throughout the University.

DO

DON'T

Seek advice from the IT Service Desk if you are unsure about any aspect of Information Security. DON'T disclose your account password to anyone either verbally or via email. That includes members of IT.
Change your password if you have any suspicion that it may have been compromised. DON'T use your University password as the password for any other service.
Report any loss or suspected loss of data to the IT Service Desk. DON'T undermine or seek to undermine the security of computer systems.
Ensure that equipment that has been used to store sensitive University data is disposed of correctly. DON'T make copies of restricted University information without permission.
Encrypt mobile devices which you use for University business including personal devices. Advice is available from the IT Service Desk DON'T provide access to University information or systems to those who are not entitled to access.
When sharing sensitive information with others always follow the advice in the Information Handling Guidelines. DON'T leave your computer unlocked when unattended.
Password protect your personally owned devices. DON'T use a personal email account for conducting University business.
Keep all of the software on your personally owned devices up to date. DON'T connect personally owned storage or mobile devices to University owned devices
Be aware of the risks of using open (unsecured) Wi-Fi hotspots or public computers in libraries, airports, etc DON'T send, forward or open unauthorised bulk (spam) email.
Assume that Information Security is relevant to you. DON'T leave paper-based records in plain sight where they can be viewed by unauthorised people
Ensure that paper-based information is securely locked away when you are away from your desk. DON'T leave hard copies of confidential information unattended or unsecured.

 

There is a range of support and guidance available for staff and students from the ICT Service Desk including the following:

- Cloud Storage - the University's approved solution is OneDrive for Business

- Secure storage of data using Encryption

- Protecting emails and documents using Rights Management Services (RMS)

- Self service Password Change

All staff and students should ensure they are familiar with the ICT Regulations