It is essential that the University employs appropriate safeguards when sending information externally; encryption and strong password management are at the heart of this.
Encryption is the process of scrambling information to make it meaningless to anyone without the key required to reverse the scrambling - rendering it useless to unauthorised users. This protects information from risks associated with interception of electronic traffic, and also reduces the risks of accidentally sending information to the wrong recipient.
How you can help:
- Check whether you need to share the information and how much you need to share
- Can you anonymise it so that personal data is not identifiable?
- Do you have a clear business need to share the information?
- Decide on the best method to use and if unsure contact the Information Security team
- All University laptops and MacBooks are encrypted; but remember that if your laptop is left unattended and logged in, the information is available to anyone with access to your laptop.
Use one of the following methods when sending sensitive information:
Contact the Information Security team
- Mobile phone encryption - all staff that use a mobile to access their University email account must use mobile device encryption.
- USB Encryption - if you are using a USB storage device to transfer or store SENSITIVE information it must be encrypted and password protected.
The use of encryption can be undermined by use of weak passwords.
How to create a strong and secure password:
- Use long passwords - the University minimum is 8 characters, but we recommend 16 characters
- Use a string of random words
- Eg ‘main’, ‘later’ ‘only’, ‘mainlateronly’ for more complexity add numbers and capital letters and even symbols ‘5mainlAter8only!’
- Avoid using words associated with you or your family, such as pet names, favourite foods, the names of family and friends as many of these can be guessed from social media sites or general information that people may already know about you
- Avoid using the same password for multiple accounts
- Avoid using passwords that only change by one number every time you update it.
- Eg ‘roaming1’ and then ‘roaming2’
- Avoid ‘passw0rd1’ or other obvious passwords
- Don’t write your password down - if you struggle to remember your passwords consider using a password management tool