Ensure you conduct your research in a secure way
This guidance explains how you can protect research by applying the University’s information classification and handling rules to your work. It also explains how the Information Security team can help.
We live in an era where academia is under an increasing threat of cyber attack because our information is of value to others, be they criminal gangs or hostile nation-states.
The reputational damage of a successful attack could be immense. It may also have legal, regulatory and financial consequences, which could have a significant impact on research projects. It is therefore important for all of us working in research to play our part in securing information and this has to be balanced against the needs of collaborative working and data sharing.
The Information Security team
The Information Security (InfoSec) team works hard to ensure appropriate security controls are in place around the systems you use and to raise awareness of security threats to students and staff. We provide tools and guidance to assess security risk of third-party services, and University systems are available to carry out security risk assessments on systems and infrastructure. We also assess many third-party services on behalf of researchers. Our involvement should be considered at the planning stage of every research project. If we are asked to review the security of a system it is essential to provide us with basic information about the system. Please contact us at firstname.lastname@example.org for assistance.
In addition, everyone involved in research has a personal role to play. Security metrics show that the greatest proportion of security incidents occur due to user error in handling information, leading to loss or unauthorised disclosure. This can happen through email, file-sharing or the use of removable media.