Skip to Content

Cyber Security - Protecting Our Information

Cyber Security

Cyber security is how staff, students and Queen's University Belfast working together reduce the risk of cyber-attack.  Cyber security's core function is to protect the devices we all use (laptops, computers, tablets and smartphones), and the services we access, from malicious attacks. It's also about preventing unauthorised access to the vast amounts of information we work with on a daily basis.

For latest information on cyber security Get Safe Online (External Website)

Protecting Your Devices

  • Protecting Your Microsoft Windows PC

    Key steps in protecting your Microsoft Windows PC 

    1. Reboot your PC promptly when requested to apply new updates
    2. If your PC is a laptop please ensure that it is encrypted
    3. Save your work to OneDrive® or the network Q: drive – avoid keeping data on your device
    4. Carefully check the source of any application or data you want to download
    5. Use work related software only
    6. Lock your PC when you leave your desk
      1. Use Ctrl + Alt + Del and select lock this PC 
      2. Or use the Windows Key + L 
    7. Use USB devices with caution 

     

    Protective Monitoring of your PC

    Your work PC’s security is monitored centrally by Microsoft Defender, a security platform and antivirus that can give the Cyber Security team an insight of malicious activity on your device. Please do not attempt to disable this application, or install any other antivirus as this can interfere with the monitoring carried out by Defender. 

    If you have any problems with your PC please contact the IT Service Desk for further advice.

  • Protecting Your Apple Device

    Key steps in protecting your Apple Device 

    All University issued Macintoshes and iPads are automatically enrolled with the central management service, Jamf [https://www.jamf.com]. Devices which are ordered from the approved suppliers, Academia, should be automatically allocated to the QUB Jamf account; systems ordered from other suppliers require manual enrolment which involves a device erase – for this reason any non-Academia purchase should be discussed in advance with DIS. 

    You can check that your device is enrolled with the Jamf service by: 

    • On macOS go to the Apple Menu and select System Settings. In System Settings click on General, scroll to the bottom of the right pane and click on Device Management. You should see a window like the image below, stating "This Mac is supervised and managed by: Queen's University Belfast" 
    • On iPadOS open Settings and select General. Scroll down to the "VPN & Device Management" item and tap on it. Under "Mobile Device Management" you should see an entry for Queen's University Belfast. There is a reference to the School of Mathematics and Physics which reflects the origin of the campus service. 

    If your device does not show this management information please contact the service desk, including the device serial number. 

    When configuring a new Mac or iPad you will be prompted to accept device management, and asked to provide your details. If this does not happen then please contact the service desk.   

    The most important thing you can to do secure your Apple device is ensure it is running the latest macOS or iPadOS release. At the time of writing (August 2025) these are macOS 15 and iPadOS 18. Apple releases a new version of their operating systems each year around September, and from the 2025 release onwards these will be named after "model years" with macOS/iPadOS 26 coming out in late 2025.  

    Apple only guarantees to fix all security issues in the current version of macOS/iPadOS. They provide some level of support for the two previous versions of macOS, and the previous iPadOS. To ensure our systems are fully secure we require that all devices are running the latest version of their operating system, and devices which cannot do that must be retired. While we do not expect everyone to immediately upgrade their devices each September, those feeling adventurous can usually upgrade when the "x.01" release comes out after a few weeks, and most people should be fine to upgrade when the "x.1" version comes out, typically around six weeks later. 

    Managed systems will have suitable security settings and software installed automatically. We ask that users who are not regularly using a device still sign into it about once a month to ensure that the latest patches, etc, are applied. We use software to force the installation of OS updates and if a device has been offline for some time these will need to be installed before the system can be used. 

  • Protecting your computer at home

    Protecting your PC at home

    1. Applying new Windows Updates released by Microsoft
    2. Applying all application software Updates released by the manufacture
    3. Keeping up-to-date Anti-Virus Software on your PC
    4. Using an appropriate Home Firewall Product
    5. Ensure you have an up to date Operating System

    10 easy rules to secure your personal data & protect your devices

    If you do not take these measures then your home PC is potentially a serious risk to yourself and others.

    GetSafe Online is a government initiative intended to provide home users with easy-to-understand advice on protecting home computers and phones from malicious attack. For more information visit the GetSafe Online website.

    Windows Update: Windows Update is a facility to keep your Windows operating system up to date and help to protect your PC from viruses.  Use Automatic Updates to obtain the latest updates as they are released by Microsoft and have them installed at a pre-set time.    

    Application Software Updates:  Not keeping your programs up to date can result in serious issues, affecting both your computer and your own personal security. These include: Viruses, spyware and other malware.  Cyber-criminal attacks.  Crashing, freezing and generally poor performance.

    As well as resolving security issues, software updates frequently contain improvements and new features.  

    Important Note: If you use a PC off campus and suspect that the PC has become infected then you should not under any circumstances transfer files between that PC and any University PCs until the virus has been removed. 

    Firewall for Home Use: Staff and students working from home are strongly advised to protect their PCs using an appropriate home firewall product.  These products allow users to determine which Internet traffic reaches their PC.  The default Windows firewall is recommended for home users.

    Ensure you use an up-to-date Operating System (OS) which is still supported by the manufacturer, an out of date OS will leave your computer vulnerable to many attacks including:

    1. Stealing your personal and financial details
    2. Committing identity theft in order to apply for bank accounts, passports and other facilities in your name.
    3. Monitoring your email and other Internet usage.
    4. Making your PC part of a botnet, commonly used to attack corporate or government websites. 

    Note: Windows 10 is End-Of-Life in October 2025, unless you have extended support you should now be using Windows 11.  

  • Protecting your smartphone

    Protecting your smartphone

    1. Set a passcode on the device.  Use of biometric security (TouchID/FaceID) is recommended for convenience
    2. Ensure that the device is encrypted.
    3. Ensure that the device has the latest updates.
    4. If the device is University owned it must have Mobile Device Management (MDM) installed.
    5. Use OneDrive® to store University data, do not save it on the device.
    6. Never leave your device unattended.

     

    Use of personal mobile devices for University business is allowed e.g. Email, MS Teams, but it is your responsibility to ensure that the device is properly protected. Failure to comply with these requirements may be a breach of the University’s Computer Resources – Acceptable Use Policy.

  • Travelling with your device

    General Advice

    • Secure your computers and mobile devices.
    • Use the QUB virtual private network (VPN) - if this is not set up on your device speak to the service desk.
    • Travel only with the data you really need.
    • Be wary of using public or shared computers.
    • If you have to use another computer ensure that any login details you put in aren’t cached, and if you’re concerned ensure you change your password ASAP. 
    • Make use of secure remote access to do work (e.g. use Outlook Web Access for email)

    Travel to high-risk countries

    If you’re travelling to higher-risk countries, then you may need to be prepared for a different experience e.g. we are aware of people visiting China experiencing a range of security issues such as restricted access to popular services (including Gmail, Wikipedia and social media sites); government monitoring of communication services; untrustworthy wifi connections; restricted use of VPN; and devices left in hotel rooms being accessed without authorisation.

    You should always check the UK foreign office advice before travelling and take the following basic precautions:

    • Don’t take your own laptop, take a new build “loan” laptop with no encryption.
    • Where possible use a VPN to help secure your network connections.
    • Take the least amount of data possible, either on the laptop or on an encrypted USB pen 
    • If onsite QUB access is needed consider using Citrix, you would need to apply for access before you leave
    • If checking emails, use an incognito window and accessed via the web rather than outlook 
  • Encryption

    Data encryption software is used to protect sensitive or confidential data where data will be used in a mobile environment. For details see the Encryption Guide

General Security Advice

  • Always check where an email came from, don't assume that the sender is always who you think it is.  
  • Always think twice before clicking a link
  • DO NOT RESPOND TO ANY EMAIL ASKING YOU TO UPDATE OR VERIFY YOUR ONLINE ACCOUNT DETAILS
  • Report security incidents or scam emails asking for your credentials to the Cyber Security team immediately on abuse@qub.ac.uk
  • Never leave your phone, tablet, or laptop unattended.‌‌
Advice on Phishing and Ransomware

For information on Ransomware please see Protecting Against Ransomware Attacks

Microsoft Defender for Office 365

Information Services is implementing Microsoft Defender for Office 365 which will add some additional features to protect users from malware, phishing and spam emails.