Cyber crime is a persistent and ever-changing threat to the University and its people. The University is taking action to protect itself from this threat. We have a number of policies that set out our approach to information security.
Acceptable Use Policy
What is it for
Sets out the way in which the University’s information services should be used by authorised users.
Read a summary of the policy and key actions for users.
Who does it apply to
All users
Implementation date
1 April 2024 (Transition period to 1 April 2025)
Systems Management Policy
What is it for
Sets out what system administrators, user account managers, and institutions must do to protect the University’s systems against common cyberattacks.
Read a summary of the Systems Management Policy (University login required)
Who does it apply to
Staff who manage and are responsible for multi-user computer systems.
Implementation date
1 April 2024 (Transition period to 1 April 2026)
Email Allocation and Retention Policy
What is it for
Sets out the criteria for allocation and retention of University email addresses.
Read a summary of the Email Allocation and Retention Policy
Who does it apply to
All users
Implementation date
Trial year from 1 January 2024. A pilot to test the processes for applying the policy for people who are leaving the University is taking place during the academic year 2023-24 at a limited number of institutions.
Data Protection Policy
What is it for
Ensures compliance with the UK General Data Protection Regulation, the Data Protection Act 2018 and related legislation.
Read a guide to the Data Protection Policy (and access the policy)
Who does it apply to
All staff (except when acting in a private, non-University capacity) and all students when processing personal data on behalf of the University.
Implementation date
March 2023
Related policies and guidelines
Web accessibility statement
Sets out our approach to web accessibility and lists all known accessibility issues. Details how to request information in a different format.The statement was prepared on 7 December 2022. It was last reviewed on 21 February 2024.
Access our web accessibility statement.
Domain name policy
Explains how we allocate domain names under cam.ac.uk and how to apply for a new domain name.
Read the Domain name policy and Guidelines for requesting domain names within cam.ac.uk
University software policy terms and conditions
Sets out our policy on computer software licensed by the University of Cambridge and its Colleges.
Read the University software policy
Authorisation for use of the Cambridge University Data Network
Specifies the designated use of the Cambridge University Data Network (CUDN)
Authorization for use of the Cambridge University Data Network (CUDN)