Our University is committed to providing a modern and stable IT environment for our students and staff. We hope this will enable everyone to use IT as an enabler for any activity they choose to engage in. In order to achieve this, the Information Governance Steering Group has reviewed our IT Security policies and we would like to share these with you. We take the matter of IT security very seriously and we would ask that you read these policies and help keep our University IT environment safe and secure for all users.
Principal IT Security Policy
IT Security Policy Structure
Bring Your Own Device (BYOD) Policy
The purpose of the BYOD Policy
is to maintain the security of the Leeds Beckett University’s information assets when they are being accessed from devices personally owned by users (such as PDA’s, mobile phones, laptops, tablets etc.).
Computer Protection Policy
The Computer Protection Policy
defines how university-controlled end-point devices – servers and user devices - are protected from security vulnerabilities. It includes appropriate technical and procedural controls to reduce risk and meet the requirements of other university IT Security Policies.
The purpose of the Cryptography Policy
is to set out when and how encryption should (or should not) be used. It includes protection of personal, confidential and commercially sensitive information and communications.
Information Handling Policy
The purpose of the Information Handling Policy
sets out Leeds Beckett
University’s definition of, commitment to, and requirements for Information Handling. It sets out the need to define classes of information handled by the organisation and the requirements for the storage, transmission, processing and disposal of each.
Mobile Computing Policy
The purpose of the Mobile Computing Policy
is to maintain the security of the Leeds Beckett
University’s information assets when they are used from mobile devices (such as PDA’s, mobile phones, laptops, tablets etc.); these devices need not be owned by Leeds Beckett
University but are being used to access its information technology systems.
Network Management Policy
The purpose of the Network Management Policy
is to define how the Leeds Beckett
University networks are designed and how systems are connected to them. It includes appropriate technical and procedural controls to reduce risk and meet the requirements of the Information Handling Policy.
Software Management Policy
The Software Management Policy
sets out how the software which runs on the Leeds Beckett
University’s information technology systems is managed. It includes controls on the installation, maintenance and use of software, with appropriate procedures for upgrades to minimise the risk to information and information technology systems.
System Planning and Management Policy
The purpose of the System Planning and Management Policy
is to define how Leeds Beckett
University information technology systems are specified, designed and managed. It includes processes for identifying requirements and risks, and designing appropriately configured systems to meet them.
User Management Policy
The purpose of the User Management Policy
governs the creation, management and deletion of user accounts. It also sets out the principles for the granting and revocation of privileges associated with user accounts.
Use of Computers Policy
Wireless Communication Policy
The Wireless Communication Policy establishes standards that must be met when wireless communications equipment is connected to Leeds Beckett University’s networks. Only wireless systems that meet the criteria of this policy are approved for connectivity to Leeds Beckett University’s networks.