Security and Data Management Policy
The Faculty implements the following Security and Data Management Policy to ensure the safety of the Raised Faculty Building's computing infrastructure, our data and the safety of our computer users.
Access to network infrastructure
The Faculty's network infrastructure is secured within the Raised Faculty Building's Comms Rooms. Access to the rooms is via key access and is granted strictly through members of the the building's IT staff, be that either MML or the Faculty of Philosophy. Visitors are accompanied at all times.
Access to the wired network. Access to the building's wired network is permitted only via authorised workstations owned by the Faculty.
Access to the wireless network. Staff and students are welcome to bring their own portable devices into the building and to connect to our wireless network via either Lapwing or Eduroam.
Workstation access
Access to workstations is managed separately for staff and students. Staff offices are locked and so physical access to these workstations is limited to keyholder only. Out-of-hours access to student computing facilities is managed via swipe card with the exception of the Library where the opening hours of the computing facilities are dictated by those of the Library itself.
Staff and students are reminded that you should never share your password with anyone else, leave your login details visible anywhere and always remember to logout at the end of your session - particularly if you are a student using a shared machine in one of our computing facilities.
Access to teaching rooms. Out-of-hours access to the workstations located in the teaching rooms is via key access.
Workstation security. If you believe your computer has been compromised in some way notify IT support immediately and disconnect your computer from the network - but do not switch it off as we may lose critical information to help us diagnose the problem. Equally, if IT Support are notified of a machine that may have been hacked by CERT (the University's IT security team based in the Computing Service) we are obliged to investigate and remove the computer from the network in order to minimise the potential spread of any problems.
Access to data
Staff. Access to the data stored on the Faculty's servers is via locally authorised login and encrypted connection. By default, staff only have access to their own filespace. Requests for additional resources and increased quotas should be directed to MML IT Support. Administrative staff are granted access to shared filespaces to facilitate collaboration with colleagues where appropriate and access is only granted to those areas deemed necessary. Staff can access their filespace from outside of the Faculty via encrytped connection.
Academic staff who have administrative access to their own machines are responsible for ensuring the security, updated virus protection and legality of the software installed on their machines. Requests for new software/upgrades/additional licenses should be made to IT support.
Students. Student data is stored centrally on the Computing Service's MCS DS File Store. Students are also encouraged to keep their own copies of their data and MML IT Support provide advice on the most appropriate methods of doing this.
Visitors. Academic visitors are granted access to the central Computing Service facilities including the DS File Store. Authorised short-term visitors to the Faculty (e.g. external examiners) are granted access to the DS File Store and MCS computing facilities by means of allocation of a temporary conference userid via the Faculty Office or MML IT Support.
Data Integrity
Staff. Staff using workstations belonging to the Faculty work locally on files stored on their hard drives during the day. When they logout, either at lunchtime or at the end of the day, their files sync back to the main file server. The main file server is, in turn, backed up to a secondary server located in another Comms Room at the opposite corner of the building.
Students and visitors. Students and visitors' data is stored on and backed up from the main Computing Service MCS DS File Store. MML IT Support are happy to advise on appropriate additional backup methods.
Special Data Sets. Exams data. We are advised that storing our exams data on the network is insecure. Exams data is stored on USB stick with additional paper copies as backup.
Joiners and leavers procedures. The creation and cancellation of student accounts is handled through the colleges and the Computing Service. Applications for new staff who require access to the Faculty's own servers and workstations should be made to IT Support either through the relevant Departmental Office or the Faculty Office. Upon leaving passwords to staff accounts are changed in advance of the account being completely cancelled. Staff are expected to have made the appropriate arrangements for handover of their data with their Department, or the Faculty Office and all sensitive personal data should be removed in advance of the agreed leaving date.
Equipment Disposal. Redundant IT equipment is disposed of through suitably accredited WEEE Waste Carriers. Hard drives containing sensitive data are wiped.
Relevant external policies
The Faculty adheres to the following policies laid down by the Information Strategy and Services Syndicate (ISSS), Computing Service and Human Resources Division
Use and Misuse of Computing Facilities
Acceptable use of computer facilities, email and the internet
Working Safely with Display Screen Equipment
