UCL Computer Security Newsletter - Feb/Mar 2010
The purpose of this newsletter is to keep all security reps and other
interested parties informed about what is happening around UCL
regarding computer security. Further information from the Computer
Security Team is always available at http://www.ucl.ac.uk/isd/common/cst.
1. Change to UCL IS Mailman mailing list configuration
Following recent user concern about email sent to certain UCL mailing lists being indexed by Google and made publicly available, ISD have taken the decision to ensure that all existing UCL mailing lists have private archives to prevent this happening in the future.
The default setting for new lists was changed from public archives to private archives in 2007, but it has been decided that public access to all list archives will now be blocked, overriding the settings for individual lists.
Private archives can be viewed only by list members after authenticatiing with their email address and mailman password. If you, as a list owner, have particular problems with the fact that your list archive will be private, please contact the Computer Security Team to discuss further.
2. BS Online
UCL has a subscription to British Standards Online. This means that the ISO 27000 (used to be BS 7799) series relating to Information Security Management is available to all in UCL. It's in the "databases" section of the UCL Library services page under "British Standards".
3. JANET "Security Matters" and course manuals
We have a few spare copies of this technical guide and a couple of spare course manuals form the JANET Security Management course to give away to anyone who wants to come and pick them up from our offices before Easter.
4. New location for CST
As you may gather from the point above, we're trying to clear out our offices as we will be moving to Central House after Easter - exact dates unknown. Phone numbers should remain unchanged, but please bear in mind there may be a slight hiatus in phone/email response for a day or two when this happens.
5. Data Classification guidelines (all-staff email of 27 Jan)
Word doc: http://www.ucl.ac.uk/cert/swg/policy/Guidelines10.html
If you have any outstanding comments on these, please mail email@example.com by the end of March.
Please note all correspondence from the UCL Computer Security Team is digitally signed either with personal PGP keys or the CERT team key (public keys available from http://www.ucl.ac.uk/isd/common/cst/contacts).
This newsletter and previous ones are available at http://www.ucl.ac.uk/isd/common/cst/cst-newsletters (except currently the March 2007 one as that had sensitive information in it).
We welcome feedback on the content and organisation of documents on our web page.