Skip to content
Open menu Close menu

Code of Practice for Information and Security: Key Points

Access to information

  • The University recognises that all staff must have access to appropriate information in order to fulfil their job responsibilities.

However, you should be aware:

  • that Electronic Mail is an insecure communication medium (see Code of Practice Document Reference 3.4.2);
  • that the University reserves the right to access information stored on University facilities (see Code of Practice Document Reference 3.12) or to monitor use of the University network infrastructure;
  • of the dangers of using untested software (see Code of Practice Document Reference 3.3.3);
  • that standard encryption in Word Processors is insecure (see Code of Practice Document Reference 3.4.3 and 3.11);
  • that your compliance with this Code may be subject to internal audit.

And remember to:

  • obtain authorisation before you access or use administrative information (see Code of Practice Document Reference 3.4.1);
  • label sensitive information using approved security marks and take appropriate precautions with material classified as confidential (see Code of Practice Document Reference 3.10);
  • lock your door when your room is unoccupied (see Code of Practice Document Reference 3.1);
  • choose a safe password and keep it to yourself (see Code of Practice Document Reference 3.2);
  • use anti-virus software and check all diskettes (see Code of Practice Document Reference 3.3.1);
  • ensure you make backups of important data, and store them securely (see Code of Practice Document Reference 3.4.5);
  • remove stored information when disposing of old equipment or media (see Code of Practice Document Reference 3.4.4);
  • comply with the University Regulation on Use of Computer Facilities and the Campus Network and, in particular, the Data Protection Act (see Code of Practice Document Reference 3.8) and software licence conditions (see Code of Practice Document Reference 3.9);
  • obtain authorisation before taking equipment off campus see Code of Practice Document Reference (3.5);
  • ensure that the same procedures are used when equipment is used outside the University (e.g. at home) to process University information (see Code of Practice Document Reference 3.5);
  • report suspected breaches of this Code as indicated below.


For further information or to report a security issue contact:

  • Director of Learner Support Services;
  • Director of IT Services;
  • University Secretary.

or email

Content last updated: October 2008.