Keeping our data safe and secure: cyber security at Leeds Beckett
It’s Leeds Beckett’s IT Security Manager, Matthew Page’s, responsibility to assess potential risk around data breach, hackers and viruses, balancing them against the benefits of harnessing opportunities and academic freedoms associated with information sharing.
Matthew joined Leeds Beckett in August 2016 with the task of building a security framework underpinned by policies and procedures to keep our data safe and secure, reviewing and adding to them where necessary. He is currently visiting all areas of the University, meeting staff and providing advice and support: “It’s important that IT security is seen as an approachable function and I want people to feel comfortable if they have an issue or concern in contacting me to help find a solution,” Matthew said.
“The key is to ensure that the right people have the right level of access to the right data. Every piece of information is important and we need to consider the potential impact of losing data across the whole University, assessing the risks and taking action to protect it.”
Ever changing hacking techniques make it difficult to protect our systems and data. We all have to remain vigilant when clicking on links. Over the last 24 months there has been a dramatic rise in the number of email phishing attacks. These are designed to trick users into giving their out account details or to unwittingly download malicious software which compromises the security of the computer. Hackers can then use this software to gain access to data across the network. Ransomware is used to encrypt data which they hope to receive payments in return for the data access. To combat this IT Services have to restore the data from backups and also track down the infected machines to remove the source of the problem. This can be time consuming and distracts from the day to day running of IT Services and the delivery of our University’s strategic objectives.
Recently there have been a number of breaches across the education sector. Universities in Greenwich, Manchester, Birmingham and Cambridge have all been targeted recently. Here are some examples of successful breaches:
- A hacker claiming to be a disgruntled former student gained access to a university’s website and stole personal data.
- A student hacked into a university system to improve his grades.
- The 17-year-old responsible for the Talktalk hacks had previously successfully targeted universities.
The above cases are only a sample, but demonstrate that universities are being targeted by cyber criminals.
Matthew is a member of the Prevent Working Group which provides a wider awareness and link into regional and national issues, and activity. Nationally, cyber security is taken seriously and the Government has set up the National Cyber Security Centre (NCSC). They have published some useful advice often used in schools which can be helpful, particularly for children and vulnerable people. This is available via: https://www.getsafeonline.org/ and https://www.cyberaware.gov.uk/
Matthew will be adding information and advice to the IT Security pages on the intranet to help raise awareness and provide up to date advice and support.
On this page are the ‘Ten golden rules’ so please take a look.
Passwords - love them or hate them, they are here to stay for a while. For help on choosing a good one please see the password guidance on the IT security page. You should never give anyone your password or account details. If you think your password has been compromised, please change it immediately and notify the service desk.
Sharing data is an important part of university life and with data becoming an increasingly lucrative target for criminals, we need to ensure we share data appropriately and securely. As part of the IT Strategy, IT Services are reviewing the risks and implementing appropriate measures to protect our University’s data. There is another vital element to securing the environment and that is you. We must all be vigilant, so if you see something unusual or suspicious please report it to the service desk and ask for advice.
Find out more by emailing Matthew.