Secure storage of University data

Making sure your data is safe and secure is the responsibility of all University staff, not just ICT. Please take a moment to read some of the tips below to ensure your data secured.  

Hard drive encryption

All new University laptops should already have hard drive encryption enabled so you do not need to worry. This means if your laptop is lost or stolen no one will be able to access your hard drive. If you are unsure if your hard drive is encrypted or have any questions, please get in touch.

Never leave unlocked

Always lock or turn off your laptop whenever you leave it unattended or are travelling.

Never tell anyone your password

Never tell anyone your password, ICT or the University will never ask for it so never give it out under any circumstances.

The University enforces Complex Passwords for all University accounts.  The use of strong passwords can slow or often defeat the various attack methods of compromising your account.

What is a complex password?

 A complex password requirements are :-

·         The password should not contain the user’s account name or parts of the user's full name that exceed two consecutive characters

·         Be at least eight characters in length

·         Contain characters from three of the following four categories:

·         Uppercase characters (A through Z)

·         Lowercase characters (a through z)

·         Numeric digits (0 through 9)

·         Non-alphabetic characters (for example, !, $, _ , #, %

 

How to construct a compliant password

The recommendation is that you use a memorable phrase, for example :-

"My_cat_has_9_lives"

"10GreenBottles"

"ChristmasDay1969"

Testing strength

Please use the following link to test the examples above but never enter your actual University password.

https://howsecureismypassword.net/

Always PIN protect

If you are accessing any University information on your mobile device including email you must have some kind of PIN protection, this can either be a code or other form of secure entry. If you are unsure on how to do this please get in touch.

Remote wipe

If you mobile device is lost or stolen you can remote wipe any University email stored on a phone or tablet. To do this please follow these simple instructions: 

Login to webmail – https://webmail.worc.ac.uk
Click on ‘Options’.
Then click on ‘See all options’.
Select ‘Phone’.
Click on ‘Mobile phones’.
Select the phone or tablet that has been lost or stolen.
Click ‘Wipe device’. 

Alternatively contact us and we will assist.

Encrypt your drive

You can encrypt any USB drive by following the instructions below:

1. Insert your USB drive into your PC or Laptop.
2. Open windows explorer.
3. Right click on the USB drive.
4. Select ‘Turn on Bitlocker’, if you do not have this option please contact us.
5. Select ‘Use a password to unlock the drive’ and enter a password.

       
6. You will then be prompted to save a recovery key just in case you forget the password – keep this safe.
7. Select start encrypting.
8. Once the process is complete your drive is encrypted and you will need to enter a password whenever you access it.

Always use Onedrive for Business

OneDrive for Business is part of Office 365, it provides a place in the cloud where University staff can store, share, and sync work files. You can even work on Office documents with others at the same time.

Safe and secure

All data deposited in the University’s OneDrive for Business service is stored within Microsoft’s data centres located in the EU. The University retains full ownership and control over the data and is satisfied that the data is properly secured and protected. The contractual agreements between Microsoft and the University have been negotiated by the JISC on behalf of the UK HE sector and abide by all relevant UK and European legislation. 

How to access

To access OneDrive for Business go to the staff portal and click on the ’OneDrive for Business’ link. Sign in with your University email address and password.

Additional information

Secure storage guide