XClose

Research Integrity

Home
Menu

Information Security

The UCL Information Security Group exists to support the University in its management of information risk, providing strategic guidance, advice, and support to staff and students as well as coordinating the handling of security incidents across UCL.

The UCL Information Security Policy is available on their webpage, including details of the Knowledge Base that is being created which brings together best practice on information security for UCL as well as offering advice, such as on encryption.

Training

There are several training options available to staff and students in information security such as the Information Security Awareness Moodle course as well as an interactive anti-phishing game.

General Data Security Guidance

 

Antivirus Software

Hackers and malware programs target devices that access the internet and so it is important to ensure that devices have antivirus software installed, and that it regularly updated. It is advisable to ensure the firewall on your device is turned on for additional protection. It is also advisable to update operating systems and web browsers as outdated versions are more susceptible to viruses and hacking.

Personal Computers and Devices

Many people use personal devices such as home computers and laptops for work purposes and it is important to ensure that the data on these devices are secure. The device should be password protected and if others have access to the device, such as other family members, it is best practice to create different users so that only you have access to the data. You should also consider encrypting those files.

Personal devices can be stolen or lost and so it is good practice to only store what is necessary on them as well as ensuring that the data is encrypted. If data is no longer needed it should be removed. In addition, if researchers decide to sell or gift a device, they should ensure that all data has been securely wiped from the device.  Deleting files is not enough as it is possible to still recover data after it has been deleted and so wiping software should be used to ensure that no data remains.

File Sharing Sites

It is important to check the privacy policy of data sharing sites to see where the site based, such as outside the EEA, or any conditions regarding ownership and use of data uploaded to such sites. Sites such as Dropbox should not be used for anything other than sharing 'normal' data and encryption is recommended.

Wifi and public internet access

Though a personal device such as a laptop may have antivirus software to protect it researchers should be careful on how they access the internet. For example, wifi available in cafes and other stores are likely to be targeted and so it is advised not to use these options. Private password protected wifi options are best. Never use public computers such as those available in internet cafes to access data as these systems are not secure and could easily leave the data open to attack from viruses or use by others.

UCL offers a Virtual Private Network that provides a resilient, secure means of accessing private UCL corporate central services from off-site locations. This VPN service encrypts data and effectively connects the device to the UCL network, giving access to UCL facilities including electronic journals etc. More information on this can be found on the Remote Access VPN Service webpage.

Please visit the Information Security Policy Group webpage for further guidance on all security issues: