Vice-Chancellor, note about Meeting of Council on 9 July 2012 (circulated 1 August)
...departments are encouraged to seek advice from the Information Security Team in IT Services if they need help in applying any of the techniques recommended.
How secure is your data? Are you at risk of identity theft? Do you know how best to protect yourself, your personal data and the University? Information security is not just about locking systems down, it is about making informed decisions and providing all members of the University with the tools needed to carry out their work efficiently and securely. This website from the InfoSec team provides information and resources to help you. (See also Website image credits).
New IS PolicyOn 9 July 2012 Council approved a new University Information Security Policy. This was published in full in the University Gazette of 20 September 2012 (download as PDF) and may also be found on the University's website. The Policy provides a framework for the management of information security throughout the University, and covers information both in electronic and in hard copy forms. The Policy is accompanied by a toolkit, which suggests a range of possible solutions to technical issues, and departments are encouraged to seek advice from the Information Security Team in IT Services if they need help in applying any of the techniques recommended.
Join in the conversation
The InfoSec team blog at:
- OxCERT's blog: News and views from the network security team at the University of Oxford
- Director of IT RM's Blog: Professor Paul Jeffreys
- Academic IT: Education Enhancement Team
- @OX_IS microblogging from the InfoSec team on Twitter
Please read and comment on our latest posts:
- Cafe Culture - Beware!
- Rise in phishing attacks: why Oxford temporarily blocked Google Docs
- Information Security Policy - So What?
- BYOD: Major Risk or Latest Bandwagon?
- UUK's recent policy document: Cyber Security: Protecting Universities from the Cyber Threat
- UCL Institute for Security and Resilience Studies
Lunchtime courses - security and privacy online
You wouldn't leave your house or car unlocked, so why not take just as much care with your data and identity? Be safe and secure online - come and learn from IT Services security specialists at our series of lunchtime sessions:
Why is your personal information valuable? What are common ways that it might get into the wrong hands and the practical things you can do to reduce the risk of data theft. In this course we'll discuss security considerations in email, web and social networking; consider how to secure your computer and will look briefly at some common scams including phishing. Date: Weds 1 May 12:30-13:30
Web browsers have become complex applications and the desire for feature-rich websites means that web browsers and the sites you browse, have increasing access to your computer. This course covers how you can securely configure your web browser to protect your privacy and your computer. Date: Weds 8 May 12:30-13:30
Malware that targets user machines can propagate in a number of ways including via the network, email, web surfing and infected portable devices such as USB sticks. There is no such thing as 100% security but this course covers some of the basic ways in which users can protect their PC (or Mac!!). Date: Weds 15 May 12:30-13:30
"The Cloud" has become a catchall phrase to mean anything from "local network storage" through to "The Internet" and "outsourcing". This course looks at protecting documents for use in online environments and covers ways of sharing documents, password protection and an introduction to encryption. Date: Weds 22 May 12:30-13:30
Phishing is a type of fraud which most commonly occurs via email or websites and often a combination of the two is used. This course addresses trust in online environments and covers ways to spot phishing emails and websites. Date: Weds 29 May 12:30-13:30
"Social Media" is another broad term and can cover topics such as email, personal websites, blogs and social networking tools/sites. This course is intended to cover some general risks associate with the use of social media before looking at specifically at email, Facebook and Twitter. Date: Weds 5 June 12:30-13:30
We all know that our passwords must be complex and not easy-to-guess, and we must use a variety of different passwords for all of the services we use. Although it's so important not to re-use passwords, this session provides practical advice on doing so! Date: Weds 12 June 12:30-13:30
Sometimes the easiest way for a cyber-criminal to take control of your computer or steal your password (or money) is to simply ask you! Are you or the kids on Facebook? Do you use DropBox to synch your work? Have you received an email from your bank that looked so plausible you almost clicked a dodgy link or sent "them" some of your details? Is it difficult to remember all those passwords? Do you check your email on the train? Or shop online when relaxing in the coffee shop? Answer "yes" to any of these and you may be interested to know we can help you start to find the tools and techniques to protect yourself, your work and your family online. Key topics:
- Privacy online;
- Safe Internet use;
- Social engineering;
- Phishing and scams;
- Drop-in clinic;
- Facebook and other social media;
- DropBox and other Cloud services.
This session is being offered as part of "Learn at Work Day". This is a national awareness campaign which promotes workplace learning. This year's theme is "Many Ways to Learn" and all University staff are invited to sample our many ways to learn from a range of face to face sessions, downloadable podcasts and on-line learning material. Date: Thurs 23 May 12:45-13:45
Using iPads, other tablets and smartphones
Get Safe Online provides advice about the higher levels of risk which accompany the high level of convenience of tablets (like the iPad) and smartphones: