Information security is critical to business operation, and policies, practices and training to raise awareness relating to its management are key tools in addressing risk.
Information security policies
These information security policies are designed to highlight, address, and mitigate for risks associated with information loss, theft or corruption. Specific policies highlight the approach to handling risks, whereas other policies enable risks to be exposed.- Summary of changes policy review 2012
- High level information security policy
- General information security policy
Guidance and training
The University faces considerable challenges in safeguarding the information generated by each department and School. Although technical solutions implemented by ITCS go some way to protect the University, individual staff members need to be aware of the simple measures they can take to improve information security and avoid damaging and costly data losses.- Key points
- Phishing emails
- Mobile device security
- Information security online training course
- DPA training course
Further information
Additional resources and information are listed below:- Information security news. Links to articles on Twitter concerning information compliance and information security use the hashtag #UEASPC and can be read at http://twitter.com/search/%23ueaspc%20from%3Aisdtn (or search in Twitter for “#UEASPC from:ISDTN”)
- Janet CSIRT (Computer Security and Incident Response Team) monitor and resolve any security incidents on the Janet network
- UCISA Information Security Toolkit supports HEIs in producing information security policies
Contact
- Contact the ISD Strategy, Policy and Compliance team at isd.spc@uea.ac.uk.
