INFORMATION SECURITY

Security awareness

• University data and you
  • UOB data classifications
  • Your UOB password
  • Email and UOB data
  • Encryption advice
  • Working offsite
  • Mobile and removable devices
  • Printouts
  • Research issues
  • Staff training issues
  • Hardware and data disposal
• Protect yourself
• Protect your computer
• Security awareness links

Information security policies

• Information security policies

Security training materials

• Information security training and quiz

News

• Security issues in the news
• News for IT support staff
• Data protection advisors

UOB data classifications

Different types of data fit within different security levels, each of which has a level of risk attached should this data be lost, leaked or misused. The matrix shows the University data and risk classifications, with examples of data that fit into each classification. 

	Public	Open	Confidential	Strictly confidential	Secret
Risk	None	Low	Medium	High	Critical
Definition	May be viewed by anyone, anywhere in the world.	Available to all authenticated UOB members.	Available only to specified authenticated UOB members.	Access is controlled and restricted to a small number of authenticated UOB members.	Known only to a very small number of authenticated UOB members.
Examples	Term and closed dates Staff names, job titles and work contact details Faculty names, codes and addresses Programme, unit and department names HESA subject and fee status codes Anything subject to disclosure under the Freedom of Information Act (see link in panel at top of page)	Student names and email addresses Staff qualifications and publication details Staff Pathway Available staff categories Normal Calendar entries Assessment details (i.e. assessment types, titles, etc.)	Staff/ student  addresses and personal details Next of kin details Staff/ student photographs Student admission/ registration details Individual student exam timetables	Staff salary and Pathway level details Staff/ student medical history Staff/ student age and date of birth Exam candidate numbers	Staff/ student passwords Anything subject to or obtained under the Official Secrets Act

For any data you need to process or otherwise use, refer to the Information access matrix in the first instance and assume, as a rule of thumb, that anything not covered defaults to strictly confidential.