Following the recent theft of a laptop computer from one of our buildings, the University Secretariat wants to make everyone aware of the risks and some easy things we can all do to reduce the risk of it happening again.
A consultant issued with a SHUCard for the day was tailgated into the building by a thief who stole an unlocked laptop from an upstairs office. Someone saw the thief in the office but assumed it was a member of IT staff and so didn’t challenge him.
There was also a recent report of unauthorised access to another building when a delivery person propped open a door. On this occasion the individuals were challenged, taken out of the building and nothing was stolen.
Prevention measures
- Lock your PC or laptop when you leave your desk. It only takes a few seconds and really helps to reduce the data security risks. It is really easy to make this part of your routine. All you have to do is press the CTRL, ALT and DELETE keys. Then select “Lock this Computer”. When you want to access your machine again you press the CTRL, ALT and DELETE keys again and enter your password.
- If you are entering a secure building (i.e. one that requires you to swipe your SHUCard or for someone to buzz you in), don’t allow others to follow you in unless you are sure they are authorised. Make them swipe or buzz themselves or get them to show their SHUCard.
- If you aren’t sure that someone is authorised to be in a building or room, challenge them – ask them who they are, what they are doing, ask for ID.
- Make sure that any visitors issued with temporary SHUCards or passes understand that they must not allow others into the building.
- Supervise deliveries and don’t allow delivery staff to prop open doors that would allow unauthorised access to the building.
- Report any suspicious behaviour to the Security Control Room (2000 or (888 in an emergency.
- If someone asks you who you are or asks you for ID, please don’t be offended. We all need to help make sure that everyone is safe and that our buildings, equipment and data are secure.
Why is this important?
Portable IT equipment stores large amounts of University data, some of which is personal data about students, staff and other individuals. The loss of data may cause serious business and operational difficulties. The loss or unauthorised access of personal data is a breach of the Data Protection Act.
The loss of equipment also has financial implications and it may take time to replace it.
Where can I get further advice?
Helen Williamson, Information Governance Officer, SRD (3361)
Helen deals with security breaches involving personal data, advice on keeping personal data secure and compliance with the Data Protection Act.
Andy Fearnley, IT Security Officer, IS&T – (6486)
Andy deals with IT security, including the University’s network and portable IT devices.
Dawn Meates, Security Manager, FD (4516)
Dawn deals with the physical security of the campuses.