[To be edited]
There are several good general sites about keeping safe online and links to some of these are given at the bottom of this page. This set of tips is more specifically related to your time at the University. While there are overlaps with these sites some items not found on the general sites are also included. The majority of the links immediately below the tips are to pages on University websites.
Look after your passwords
Passwords are one of the most important ways to protect yourself online. A good password is easy for you to remember and hard for anyone else to guess, for example use the first letters of a memorable phrase, and use capital letters and numbers in place of some letters. Don't use the same password for every website or other service you use, instead consider grouping sites according to how important they are to you.
Passwords saved on mobile phones, tablets and laptops are particularly vulnerable to loss - you should be prepared to change all passwords saved on a lost or stolen item. It is better to minimize saving passwords for web sites and email accounts where possible.
Keep all your devices up to date - including antivirus and other anti-malware
It's essential to protect any device (desktop, laptop, tablet, mobile phone) by using anti-virus and other anti-malware software, and keeping this and all other software up-to-date. There are also a number of ways you can avoid viruses and other sorts of problem in the first place, including being extremely cautious about opening email attachments (default to don't unless you know it's coming) and being careful about which websites you visit. The University provides anti-virus software, free of charge, which can be used by all students and staff.
Look after your identity and privacy on social media
Use privacy settings to control exactly what you're sharing and with whom. You may wonder why this is included. The answer is that if you leave the settings as default you may find that your information and posts, both personal and work-related, spread a lot further than you expect. This can, at times, lead to abuse, both personal and financial, which brings us to…
Cyber bullying and offensive materials
Cyber bullying is bullying. The University has anti-bullying policies and support for students and staff, and all Colleges should have their own policies.
If you are considering publishing anything on a web site (including blogs and social media), we advise you to read the guidelines that draw your attention to the legal framework. Putting something offensive behind a password does not make it acceptable and it may break the law.
Some sponsors, funding agencies and collaborators may require you to keep your email on University servers, for example Hermes. Seek advice if you are unsure. Think carefully about how you can minimize risks to your email, for example if you use Hermes Webmail then all your email is kept on Hermes. If you save your mail to, or synchronize with, a mobile or laptop computer your email becomes more vulnerable (e.g. theft of the device).
Phishing and scam emails
Some emails are sent to try to trick you into revealing passwords, or other information about yourself such as bank details. To help you recognize and avoid responding to these we have some examples. If in doubt do not reply to, or follow links in, emails asking you to 'update your details' or similar.
Lost, stolen, broken or hacked mobiles and computers
It's worth having a list of all passwords that will need resetting in the event of loss (but don't keep this on the back of your computer or similar place!). It's also a very good idea make sure data are always backed up and that your work does not depend on a single copy (see below). If your computer is compromised we have specific advice on what to do. You can get help from IT support staff with this too.
Backup, storage and management of data
As noted above, it's very important that you don't have just the one copy of all your documents, data etc.. The University has very comprehensive and detailed advice on, and links to more training about, the management of research data, including ethical and legal aspects. Some sponsors and funding agencies have particular requirements with which you need to comply. Online resources include comparisons of different methods and advice from the stage of making a funding bid to looking after data in future.
Cloud computing and storage
There are useful overviews of the issues to consider when using cloud storage for your own personal files. More detailed advice on cloud computing and other matters is available from the Information Commissioners Office.
Advice on cloud computing (UCS News article)
Cloud computing (ICO)
If you are considering third party/external Cloud computing and storage services for University material (e.g. research group or departmental) then contacting Legal Services and/or Procurement Services is advisable.
At home or travelling
When you're at home or travelling you are quite likely to visit a wider variety of web sites and to have responsibility for the way you connect to the internet. As well as following the tips above, be extra vigilant and take advantage of advice from your internet service provider and network router documentation.
Many risks increase when you are away, be it be theft of computers or loss of passwords. In addition you should be cautious over the use of computers provided elsewhere; they may not be well-maintained and may have malware that snoops what you type (including passwords and personal information). If you are unable to reset a compromised password when away try to phone the appropriate person who can do it for you.
If your travel is to another academic site, e.g. another University, it may save problems - and your time - if you have already set up eduroam so you can use that at the remote site.
Home user guide to PC security. Some of the advice we provide for Windows users at home is applicable also to those using Apple and other computers.
Other useful links
For local training that will help with many aspects of your work, see the University training web site
Get Safe Online- free advice covering, amongst other things, protecting your computer; protecting yourself; smartphones and tablets; shopping, banking and payments; social networking.
bank safe_online, the Payments Council's Consumer Information Campaign.
Tips for safe and secure online banking from the ActionFraud website.
Some more useful links. Originally targetted at IT staff, but many of the links are more generally useful.
If you have questions, or would like further information, please contact the Service Desk.