The impact of a breach affecting the University of Derby’s confidential information affects all of us. We’re all responsible to maintain the security of the University’s confidential information. There are a wealth of ways in which bad actors can exploit flaws in technology systems, human behaviour, and business processes to steal the University’s data. Give yourself an immediate cybersecurity boost with these tips.
- Keep your devices locked when you walk away from them. Lock your computers, laptops, tablets, and phones when you’re not with them to protecting you from a bad actor gaining unauthorised access to your device and stealing confidential information (as well as changing your password to control your access to your device).
- Control access to you (and your team’s) confidential information. Make sure all of you and your team’s file directories (on your desktop and using Office365) are open only to users with the proper access privileges for that information. Contact the IT Service Centre if you’re unsure who has access to your data using this link).
- Apply password protection to your confidential documents. Apply password protection to your confidential documents to add an extra layer of security using long, memorable, and unique passwords (with a bit of complexity).
- Watch out for phishing attacks. Be vigilant for poor spelling and grammar, impersonal greetings, requests for personal information, mismatched URLs, and unrealistic threats in your emails to prevent your passwords and confidential information being compromised by bad actors.
- Only share confidential information with authorized parties (internal and external to the University). Check the ‘to’ field when sending emails (to ensure you’re sending data to the right person and that person is authorized to receive the data you’re sending) and any attachments to avoid sending confidential information to people not authorized to receive it.
- Avoid sharing confidential information on third-party file storage services. IT Services provide 1TB of cloud-based storage using OneDrive which should be used for collaboration, sharing, and working.
- Use encrypted devices if physical storage is required. Use a device with either software or hardware-based encryption to protect your data in the event of loss/theft should you need to transport data using USB removable storage.