Skip to main content

Data Security - Protecting Our Information


The business of the University depends heavily on computerised information systems, in particular:

  • Data which is often sensitive and must be protected from loss, corruption and unauthorised access
  • Re-entry of lost data can be painstaking and very time consuming 
  • Loss of data can impact upon deadlines and can have wide ranging implications - including breach of legal requirements
  • Electronic records are increasingly becoming the only source of original data

For latest information on internet security Get Safe Online [External Website]

Data and Information Security Policies and Acceptable Use Guidance

These apply to all members of staff, visitors, contractors and students of the University and must be read before computer resources are used.

Acceptable Use
Computer Resources - Acceptable Use Policy
Staff Computing at Queen's - Acceptable Use Guide
Student Computing at Queen's - Acceptable Use Policy
Data/Information Security
Information Security Policy
Information Handling
Mobile Computing Policy
Guidance on Storing and Accessing Sensitive Information

Protecting Your Devices

Click titles below to expand each section

Protecting Your PC at Work

Key steps in protecting your PC

  1. Apply new Windows Updates as released by Microsoft 
  2. Install and maintain an up-to-date version of Symantec Anti-Virus (SAV) software on your PC
  3. Save your work to the network Q: drive
  4. Lock your computer when you leave your desk 

The above steps should be automated and once set up correctly your PC should not represent a threat to others. If you have problems updating Windows or Symantec AntiVirus (SAV) then please contact the IT Service Desk for further advice.

Viruses may be spread by email attachments or by files introduced into the campus.  In particular files held on removable media (e.g. USB ) or files downloaded from the internet.  As well as protecting your PCs (at work and at home) from viruses you should exercise caution when opening email attachments.  For more on emails refer to the Phishing section

Note: You should only ever load files onto your PC if you have a properly configured and up-to-date version of SAV running.  

Protecting Work PCs With Anti-Virus Software: The University provides a copy of Symantec Anti-Virus for every PC and Apple Mackintosh Desktop.  See Installing and Configuring Symantec Anti-Virus (pdf file - 3 pages).

Lock your computer: For Windows devices use Ctrl + Alt + Del and select lock this computer. For Apple Mackintosh desktops use Ctrl + Shift + Eject.

Note: You will require Adobe Acrobat Reader on your computer to download pdf files.  This software can be downloaded from the Adobe website

Protecting Your PC at Home

The three key steps in protecting your PC at home are:

  1. Applying new Windows Updates released by Microsoft
  2. Keeping up-to-date Anti-Virus Software on your PC
  3. Using an appropriate Home Firewall Product

If you do not take these measures then your home PC is potentially a serious risk to others.

GetSafe Online is a government initiative intended to provide home users with easy-to-understand advice on protecting home computers and phones from malicious attack. For more information visit the GetSafe Online website.

Windows Update: Windows Update is a facility to keep your Windows operating system up to date and help to protect your PC from viruses.  If you have Windows use Automatic Updates to obtain the latest updates as they are released by Microsoft and have them installed at a pre-set time.    

Protecting Home PCs with Anti-Virus Software: Staff at Queen’s University are entitled to a copy of Symantec Anti-Virus (SAV) for home use.  SAV CDs are available from the IT Service Desk in the McClay Library.  Installation is a simple process and full instructions are contained on the CD.   (Please note that different versions of the SAV CD are available for home and office use – please ensure that you have the correct version).

If you are not entitled to a home copy of SAV then there are a number of free software packages available.  Information Services has evaluated a number of free of charge software packages and recommend Microsoft Security Essentials. Students working on home PCs are advised to install one of these products.

Important Note: If you use a PC off campus and suspect that the PC has become infected then you should not under any circumstances transfer files between that PC and any University PCs until the virus has been removed.

Firewall for Home Use: Staff and students working from home are advised to protect their PCs using an appropriate home firewall product.  These products allow users to determine which traffic to allow to reach their PCs and are usually quite easy to install and configure. Information Services recommend Microsoft Security Essentials.

Note: You will require Adobe Acrobat Reader on your computer to download pdf files.  This software can be downloaded from the Adobe website


Protecting Your Mobile Device

If you use your own device, such as a smartphone or tablet computer to connect to the University network or to access University systems such as email you must adhere to the Computer Resources – Acceptable Use Policy. You should also follow the 4 steps below to protect both University Data and your own Personal Data.

  • PROTECT your device with a password or pin number of at least 4 characters
  • CHECK – before you download an app, is it from a reliable source e.g. iStore, Google Play, Amazon App Store. With Android devices ensure the Verify Apps security feature is running
  • INSTALL - an anti-virus application on your device
  • REPORT – if your personal device holds University data such as email, and is lost or stolen, you must report the loss to your manager and follow the advice below to wipe the device

Lost devices

If you have lost you mobile device (personal or University owned) or it has been stolen, you can wipe the device by following the instructions below:

  1. Log into Webmail
  2. Click on Options > See All Options... in the banner at the top right of the page.

     Mobile Options


  1. Choose Phone from the menu on the left of the page.
  2. You should see a list of any mobile devices you have recently synchronised with your account.
  3. Click on the device in the list to select it then click Wipe Device ‌

Wipe Device

6. The next time the device tries to synchronise with the University Mail Server it will be wiped. You will receive an email with confirmation that the wipe has taken place.

Junk Mail/Spam - Phishing

What is Phishing? – A potential compromise of your information

How Phishing Works

“Phishing” is an attempt to steal your information. Criminals pretend to be a legitimate business to get you to disclose sensitive information, such as email account passwords, credit and debit card numbers, banking information, and commercial information about the company you work for. Please read this advice as it could help prevent you becoming a victim of a phishing attack.

  1. A criminal sends a large number of emails to people using lists of email address identified as active. These emails appear to be messages from a company or organisation known to you or even from an internal source such as the IT Helpdesk. A common example contains a fictitious story designed to lure you into clicking on a link – Here is a real life example of such an email:‌


    2.  The phishing email will ask you to fill out a form or click on a link or button that takes                you to a fraudulent website.

    3.  The fraudulent website mimics the company referenced in the email, and aims to extract           your sensitive personal data.

 In essence, you think you're giving your information to a trusted organisation when, in fact, you're giving it to a criminal.

Note that phishing emails can also lure you to open suspicious attachments or visit websites that can infect your computer with malware.

How to Spot a Fake Email

There are many telltale signs of a fraudulent email:

  • False Sense of Urgency – Many scam emails tell you that your account will be in jeopardy if something critical is not updated right away.
  • Spelling and grammar mistakes – often these emails contain multiple spelling mistakes which is a good indicator of suspicion.
  • Fake Links – These may look real, but they can lead you astray. Check where a link is going before you click by hovering over the link in an email, and comparing it to the link in the browser. If it looks suspicious, don't click.
  • Attachments – The vast majority of organizations will never send you unsolicited attachments or software. Attachments can contain malware, so you should never open an attachment unless you are 100% sure it comes from a legitimate source.

Here are some more examples:



Will Queen's ask you for account details in an email communication?

NO – Queen’s University Belfast will never ask you to submit your account details to a link or form in an email communication and indeed no reputable company will ask for such details in an email communication – if you get any such email requests for your Queen’s account details even if they look like they came from Queen’s, please forward to for advice – DO NOT RESPOND TO ANY EMAIL ASKING FOR ONLINE ACCOUNT DETAILS.

What should I do if I think if I have replied to a phishing email?

Change your password immediately and report to the organisation who maintain your account - for Queen’s this is Remember to change that same password if you use it for other online accounts and never use that password ever again for any online account.

What are the consequences if I have replied to a phishing email?

You should be aware that the confidentiality of any information protected by an account password is gone once you respond to a phishing email. This could have serious business consequences both for you personally and Queen’s University Belfast, especially if you have Queen’s Corporate Information1 or Personal Data2 about citizens in the potentially compromised account. If you have any concerns about the compromise of such information you must report this to your Line Manager or Head of School and, to help limit any potential damage to the University’s business processes.

Report suspected phishing

If you receive an email which you are unsure about, FORWARD it as an attachment (see below) to where it will be evaluated to determine if it is a fake. If it is a fake, then we will get the source of the email shutdown as quickly as possible. By reporting these emails you will help to protect yourself and everyone else too.

Note: Please FORWARD the suspect email as an attachment don’t cut and paste the contents because valuable tracking information about the source will be lost.

How to forward as an attachment in Outlook



1 For example Financial Data, Intellectual Property, Research Data etc.

2 Personal Data as defined by The Data Protection Act 1998


Phishing Resources

Here are some useful links to more on phishing:


Passwords are the simplest form of security, but they are also the most overlooked by users.


  • Remember a password is case sensitive.
  • Must be at least six (6) characters long.
  • Must include at least one (1) uppercase letter.
  • Must include at least one (1) number.
  • Must not include part of your name or username.
  • New password may not have been used previously during the last six (6) months.


  • Share your password or write it down
  • Use a password that someone can easily guess such as birthday, maiden name or family name
  • Use a word that can be found in a dictionary
  • Use a password that is similar to a previous one

A strong password is also essential see Passwords for more details and instructions on what to do if you forget your password


Data encryption software is used to protect sensitive or confidential data where data will be used in a mobile environment. For details see Guide to Encrypting Data 

Top Tip

Last Updated: July 2015

In This Section

            Twitter Icon