Protect data and my devices
UWE Bristol promotes a culture where information is created, managed, used and shared effectively.
Everyone must take steps to secure all their devices to reduce the risk of a data breach. Portable devices such as smartphones and tablets are mobile computers and so they are also exposed to many of the same malware (eg virus) as desktop computers.
If you would like to transport or store information outside the University storage facilities you must take reasonable steps to protect data. Please read the below dos and don'ts and scenarios for guidance.
- Read the Acceptable Use Policy to understand the responsibilities of all students and staff, when using IT facilities provided by the University.
- Read the Information Handling Policy to determine if you are reading, processing or storing restricted or confidential information.
- Use only University managed devices to read, process or store restricted or confidential information.
- Protect (encrypt) USB storage drives that contain confidential or restricted information.
- If you password protect a document, send the password by another method eg text message or phone.
- Only share restricted and confidential information with those authorised to view it.
- Protect your personal devices with antivirus software, turn on automatic software updates, update your web browsers and any other software.
- Save confidential or restricted files to personal devices.
- Read, process or store confidential or restricted information on your personal device (eg personal computers or mobile phones).
- Connect unknown USB drives to any computer.
Who should I contact if I'm not sure?
- For help with handling information eg identifying personal data, how it should be handled or when it can be deleted, contact your local data protection liaison officer (Intranet access only).
- For all student queries and / or questions on GDPR or data protection, contact the Data Protection and Records Management Officer.
- For help protecting your information, review the Information Security Toolkit including the information security policies. For further support, contact the IT Service Desk.
I have confidential information stored on my University OneDrive for Business, do I need to protect (encrypt) the files individually?
No, OneDrive for Business is encrypted both in the cloud and on the University managed device that it synchronises to.
When should I protect (encrypt) individual files?
I would like to transport confidential information using a storage device eg USB drive.
Protect the storage device using encryption. If the device is encrypted you will not need to protect (encrypt) the files individually.
Encrypting data makes the information unreadable unless the viewer uses a secret key to unlock it, called decryption. It can be applied to both stored data, computer drives or USB storage devices and data transferred through networks.