Cyber security is how staff, students and Queen's University Belfast working together reduce the risk of cyber-attack. Cyber security's core function is to protect the devices we all use (laptops, computers, tablets and smartphones), and the services we access, from malicious attacks. It's also about preventing unauthorised access to the vast amounts of information we work with on a daily basis.
For latest information on cyber security Get Safe Online (External Website)
Protecting Your Microsoft Windows PC
Key steps in protecting your Microsoft Windows PC
- Reboot your PC promptly when requested to apply new updates
- If your PC is a laptop please ensure that it is encrypted
- Save your work to OneDrive® or the network Q: drive – avoid keeping data on your device
- Carefully check the source of any application or data you want to download
- Lock your PC when you leave your desk
Protective Monitoring of your PC
Your work PC is managed centrally by a device management application called Kace®. Please do not attempt to disable this application as it is key to protecting your device - Kace® manages your PC regardless of where you work, in the office or at home.
If you have any problems with your PC please contact the IT Service Desk for further advice.
Lock your PC: For Windows devices use Ctrl + Alt + Del and select lock this PC.
- Protecting Your Macintosh Computer
Key steps in protecting your Macintosh computer
- Ensure that your device is configured to automatically download macOS updates; allow the Mac to install them when prompted. See https://support.apple.com/en-gb/HT201541 for details
- Ensure that you are running a currently supported version of macOS. Apple supports the current release and two previous versions only. Currently only macOS 10.14 and higher are supported. See https://support.apple.com/en-gb/HT201260 for details. Devices which are not able to run a supported version of macOS must be replaced.
- Ensure that Apple’s GateKeeper is enabled. This prevents unsigned software from running on the Mac. See https://support.apple.com/en-us/HT202491 for details.
- If your device is a MacBook, ensure that FileVault encryption is enabled. See https://support.apple.com/en-us/HT204837 for details.
- Save work to OneDrive or a network drive in preference to storing it locally. Use of iCloud for work purposes is not recommended.
- Lock the device if leaving it unattended (Control-Command-Q, or Apple Menu/Lock Screen).
- Ensure that you have enabled “Require password on wake from sleep”. See https://support.apple.com/en-gb/guide/mac-help/mchlp2270/mac
- Protecting Your iPad
Key steps in protecting your iPad
- Ensure that your device is configured to download the latest iPadOS releases and allow it to install them when prompted. See https://support.apple.com/en-gb/HT204204 for details.
- Ensure that your device is running the latest iPadOS (currently 14). Devices which are not capable of running the latest iPadOS represent a security threat and must be replaced.
- Ensure that you have set a passcode on the device. Use of biometric security (TouchID/FaceID) is recommended for convenience. Setting a passcode ensures that all data on the device is encrypted. See https://support.apple.com/en-gb/HT204060 for details.
- Save work to OneDrive rather than storing it locally on the device. Use of iCloud for work purposes is not recommended.
At present there is no central monitoring of Apple devices but certain Schools use tools such as Jamf Pro for management. The University aspires to provide a central service in the medium term. If you have queries please direct them to your local IT support team or the University Service Desk.
- Protecting your computer at home
Protecting your PC at home
- Applying new Windows Updates released by Microsoft
- Applying all application software Updates released by the manufacture
- Keeping up-to-date Anti-Virus Software on your PC
- Using an appropriate Home Firewall Product
- Ensure you have an up to date Operating System
10 easy rules to secure your personal data & protect your devices
If you do not take these measures then your home PC is potentially a serious risk to yourself and others.
GetSafe Online is a government initiative intended to provide home users with easy-to-understand advice on protecting home computers and phones from malicious attack. For more information visit the GetSafe Online website.
Windows Update: Windows Update is a facility to keep your Windows operating system up to date and help to protect your PC from viruses. Use Automatic Updates to obtain the latest updates as they are released by Microsoft and have them installed at a pre-set time.
Application Software Updates: Not keeping your programs up to date can result in serious issues, affecting both your computer and your own personal security. These include: Viruses, spyware and other malware. Cyber-criminal attacks. Crashing, freezing and generally poor performance.
As well as resolving security issues, software updates frequently contain improvements and new features.
Important Note: If you use a PC off campus and suspect that the PC has become infected then you should not under any circumstances transfer files between that PC and any University PCs until the virus has been removed.
Firewall for Home Use: Staff and students working from home are strongly advised to protect their PCs using an appropriate home firewall product. These products allow users to determine which Internet traffic reaches their PC. The default Windows firewall is recommended for home users.
Ensure you use an up-to-date Operating System (OS) which is still supported by the manufacturer, an out of date OS will leave your computer vulnerable to many attacks including:
- Stealing your personal and financial details
- Committing identity theft in order to apply for bank accounts, passports and other facilities in your name.
- Monitoring your email and other Internet usage.
- Making your PC part of a botnet, commonly used to attack corporate or government websites.
- Protecting your smartphone
Protecting your smartphone
- Set a passcode on the device. Use of biometric security (TouchID/FaceID) is recommended for convenience
- Ensure that the device is encrypted.
- Ensure that the device has the latest updates.
- If the device is University owned it must have Mobile Device Management (MDM) installed.
- Use OneDrive® to store University data, do not save it on the device.
- Never leave your device unattended.
Use of personal mobile devices for University business is allowed e.g. Email, MS Teams, but it is your responsibility to ensure that the device is properly protected. Failure to comply with these requirements may be a breach of the University’s Computer Resources – Acceptable Use Policy.
Travelling with your device
- Secure your computers and mobile devices.
- Use a virtual private network (VPN).
- Travel only with the data you really need.
- Be wary of using public or shared computers.
- Make use of secure remote access to do work (e.g. use Outlook Web Access for email)
Travel to high-risk countries
If you’re travelling to higher-risk countries, then you may need to be prepared for a different experience e.g. we are aware of people visiting China experiencing a range of security issues such as restricted access to popular services (including Gmail, Wikipedia and social media sites); government monitoring of communication services; untrustworthy wifi connections; restricted use of VPN; and devices left in hotel rooms being accessed without authorisation.
You should always check the UK foreign office advice before travelling and take the following basic precautions:
- Don’t take your own laptop, take a new build “loan” laptop with no encryption.
- Don’t store any data that isn’t publicly available.
- Don’t take mobile devices like iPhone, iPads and USB storage devices.
- Where possible use a VPN to help secure your network connections.
- Don’t check emails or remotely access any other services that store University data
Data encryption software is used to protect sensitive or confidential data where data will be used in a mobile environment. For details see the Encryption Guide
General Security Advice
- Always check where an email came from, don't assume that the sender is always who you think it is.
- Always think twice before clicking a link
- Report security incidents or scam emails asking for your credentials to the IT Service Desk immediately.
- Never leave your phone, tablet, or laptop unattended.
Advice on Phishing and Ransomware
This 4-page PDF defines and gives advice to help you respond to phishing attempts
For information on Ransomware please see Protecting Against Ransomware Attacks
Microsoft Defender for Office 365
Information Services is implementing Microsoft Defender for Office 365 which will add some additional features to protect users from malware, phishing and spam emails.
Last Updated: November 2020