IT Security

​​​​​​​Welcome to the security page

 

Advice for Cardiff Met staff

Regardless of any mechanism employed to secure data offsite, the most effective means of achieving this will always be to not take any confidential data or documents off site.  ​

secure-data.png

​Cardiff Met has invested a lot of resources in SharePoint as the primary means of making data and documents available securely to staff and students anywhere that there is an internet connection.

This should always be your first priority. SharePoint offers the user a secure window onto data that remains stored within Cardiff Met's systems. SharePoint will also permit the user to download documents and data onto their local device, again, this should be avoided except where absolutely necessary.

Although Cardiff Met's IT systems are secured to the latest standards, this provides no protection when data is copied from this environment and taken off campus. It's therefore vital that if you absolutely must transport or transmit sensitive data off campus that it is properly secured and encrypted.

If you are a Cardiff Met member of staff, you are responsible for taking adequate security precautions when you take data away from the Cardiff Met network. If you are transferring data onto a personal machine, then you are also responsible for ensuring that this computer is secure.

​​Cardiff Met can receive a fine of up to £500,000 for inappropriate release of personal data.​


​Advice for Cardiff Met Students

You should protect any files you create that contain sensitive data. In addition, you may consider password protecting any important work. You should also ensure that any personal computers you use are secure. Please see the advice below for protecting any portable data.

​​

​​Protecting portable data

Any commercially or personally sensitive data stored away from Cardiff Met's server systems should be encrypted to reduce the risk of this data being compromised if your device were to be lost or stolen. This includes transporting or transmitting data via:


 
  • Email
  • Laptop
  • Pen drive (USB stick)
  • Writeable CD / DVD
  • Portable hard drive
  • Any other portable storage or transmission mechanism

 

In addition to encryption, it is vital that any important data is backed up. Please contact IT Helpdesk for advice on backing up your data.

​Sending data via email

The most straightforward way to encrypt data for transmission of most documents via email is to put a password on a Microsoft Office file. Password protected files in Office 2007 or later are securely encrypted. The password to the file should be provided separately to the encrypted email (perhaps by telephone). Please see the following guidance on how to encrypt / password protect an office document.​


 

secure-email.png

​Securing data on your laptop, home desktop, or any computer device used away from campus

​If you have a device that you use to access Cardiff Met systems or data, or take sensitive data off campus, then please consider using Bitlocker for Windows desktops.

For Apple Macs running OSX, please use FileVault for data encrytpion.


secure-laptop.png

Securing a Pen Drive (USB memory stick)

If you store sensitive data on a memory stick then it should be encrypted to prevent unauthorised access should you lose it.

Modern operating systems such as Windows 7 and later have the option of using "BitLocker To Go". Likewise Apple OSX Lion and later provide the ability to encrypt a USB drive via the Disk Utility. 

​​
secure-usb.png

Note that BitLocker encryption cannot be accessed by Apple OSX. Likewise OSX Disk Utility encryption cannot be accessed by Microsoft Windows.

A further option for securing data is 7-zip. It is a free compression utility that will also encrypt files. The encrypting files with 7-Zip guidance details its use on Windows PCs and there are also unofficial versions of 7-zip for OSX such as Keka (this should allow for the transfer of 7-zip files between Windows & Apple OSX based computers).​

​Securing a writeable CD / DVD

​If documents are stored on a CD then these can be password protected. Please see advice on how to password protect an Office document. If you wish to store other types of data, then an encrypted USB memory stick may be a better choice.​​

secure-cd.png

​​Securing data on a portable hard drive

Data on a portable hard drive can also be encrypted using the methods detailed above. ​​

​​