This information security toolkit ('the Toolkit') is targeted at specific user groups (e.g. IT staff, administrative staff) and advises you on best practice, and guidelines on a range of possible solutions to technical issues.
The Toolkit focuses on the areas below, each section sets out the recommended best practices mentioned in the IS Policy:
Mobile Security, Smartphones, Tablets Cloud Security
The Toolkit supports you to implement the University's Information Security Policy ('the Policy'). The Policy is in place to reduce the risks to the University of Oxford arising from security failures and to ensure it is better placed to meet its legal obligations, including those relating to personal data under the Data Protection Act (DPA).
The Toolkit is an on-going project and will be updated online by the Information Security team (InfoSec) team regularly, as technologies, threats and vulnerabilities change. The team gratefully acknowledge the contribution of staff from across the University who have reviewed all sections of this Toolkit as it has been drafted. Please contact firstname.lastname@example.org with your feedback.
Must / Should / May
Throughout this Toolkit we use the words "must" or "should" or "may" to indicate the level of requirement:
- MUST: "MUST" or "REQUIRED" or "SHALL" mean that the item is an absolute requirement of the Policy
- SHOULD: "SHOULD" or "RECOMMEND" mean that there may exist valid reasons in particular circumstances to ignore a particular item in this Toolkit, but the full implications must be understood and carefully considered before choosing a different course
- MAY: "MAY" or "OPTIONAL" mean that an item is truly discretionary
The Information Security Toolkit http://www.it.ox.ac.uk/infosec/toolkit/ by the University of Oxford Information Security team, is licensed as Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (CC BY-NC-SA 4.0) http://creativecommons.org/licenses/by-nc-sa/4.0/. Permissions beyond the scope of this license may be available at email@example.com.