To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

IT Security Policies


Overview

Our University is committed to providing a modern and stable IT environment for our students and staff.  We hope this will enable everyone to use IT as an enabler for any activity they choose to engage in.  In order to achieve this, the Information Governance Steering Group has reviewed our IT Security policies and we would like to share these with you.  We take the matter of IT security very seriously and we would ask that you read these policies and help keep our University IT environment safe and secure for all users.

Principal IT Security Policy

IT Security Policy Structure

The IT Security Policy Structure Diagram illustrates how the IT Security Policy aligns with the Information Security Policy and shows the component parts of the policy.

Bring Your Own Device (BYOD) Policy

The purpose of the BYOD Policy is to maintain the security of the Leeds Beckett University’s information assets when they are being accessed from devices personally owned by users (such as PDA’s, mobile phones, laptops, tablets etc.).

Computer Protection Policy

The Computer Protection Policy defines how university-controlled end-point devices – servers and user devices - are protected from security vulnerabilities. It includes appropriate technical and procedural controls to reduce risk and meet the requirements of other university IT Security Policies.

Cryptography Policy

The purpose of the Cryptography Policy is to set out when and how encryption should (or should not) be used. It includes protection of personal, confidential and commercially sensitive information and communications.

Information Handling Policy

The purpose of the Information Handling Policy sets out Leeds Beckett University’s definition of, commitment to, and requirements for Information Handling. It sets out the need to define classes of information handled by the organisation and the requirements for the storage, transmission, processing and disposal of each.

Mobile Computing Policy

The purpose of the Mobile Computing Policy is to maintain the security of the Leeds Beckett University’s information assets when they are used from mobile devices (such as PDA’s, mobile phones, laptops, tablets etc.); these devices need not be owned by Leeds Beckett University but are being used to access its information technology systems.

Network Management Policy

The purpose of the Network Management Policy is to define how the Leeds Beckett University networks are designed and how systems are connected to them. It includes appropriate technical and procedural controls to reduce risk and meet the requirements of the Information Handling Policy.

Software Management Policy

The Software Management Policy sets out how the software which runs on the Leeds Beckett University’s information technology systems is managed. It includes controls on the installation, maintenance and use of software, with appropriate procedures for upgrades to minimise the risk to information and information technology systems.

System Planning and Management Policy

The purpose of the System Planning and Management Policy is to define how Leeds Beckett University information technology systems are specified, designed and managed. It includes processes for identifying requirements and risks, and designing appropriately configured systems to meet them.

User Management Policy

The purpose of the User Management Policy governs the creation, management and deletion of user accounts. It also sets out the principles for the granting and revocation of privileges associated with user accounts.

Use of Computers Policy

The purpose of the Use of Computers Policy and Computer Password Policy is to define the acceptable actions of any individual who interacts with Leeds Beckett University’s information technology systems.

Wireless Communication Policy

The Wireless Communication Policy establishes standards that must be met when wireless communications equipment is connected to Leeds Beckett University’s networks. Only wireless systems that meet the criteria of this policy are approved for connectivity to Leeds Beckett University’s networks.

Further Information