University of Leeds

Information Systems Services

Policy on Safeguarding Data

Annex


Assessing Requirements for Encryption: Does your data need to be encrypted?

It is impractical to specify precisely what data will warrant the additional protection of encryption, but in general terms, it will be 'sensitive data' that is removed from on-campus University systems/network, either on a laptop computer or on removable media, to and from premises outside the University.

For the purpose of this policy, 'sensitive data' is defined as "data, which if disclosed to those who do not require it for official University business, or which has not been afforded the degree of protection which might reasonably be expected, considering its content, would damage the credibility of the University".

The 'data owner' will generally be the person best placed to assess whether his/her data requires to be encrypted. Data that is created, processed or stored on University systems, and accessed over the University network would not normally require to be encrypted.

Questions to ask are:

  • Are the data known to be University or research sponsor confidential?
  • Are the data subject to a non-disclosure agreement or government security standards that require encryption?
  • Would the University suffer reputational damage if the data were disclosed or found unprotected?
  • Are the data removed from secure campus storage, for instance via a laptop, memory stick or email?

If the answers to any of these are "Yes", then encryption is likely to be needed.

Those who believe they have a need to encrypt data should refer to the University's Encryption Guidelines which can be found at http://campus.leeds.ac.uk/isms.

Assessing Access Requirements: Does access to your data need to be restricted?

If you need additional assurance that team or project data is complete and accurate, you will need to place it in a shared area of the network ('N' Drive) but restrict write and delete access to it to the most trusted and competent members of the team. Each user accessing shared data should use their own user credentials to do so, as opposed to using shared accounts.

Other permissions and privileges can also be applied to control access and manage data files.

Email accounts should not be used for shared or project data. In any event, when an individual leaves, colleagues must ensure any project data is retrieved from the personal account before it is automatically deleted.

Contact your Faculty IT Manager or the ISS Help Desk for more details.

Assessing Data Storage and Backup Requirements: What storage and backup arrangements need to be in place for your data?

The confidentiality or sensitivity of the data should be categorised into three levels. These are needed to ensure that the excessive technical and process security required for highly sensitive material is not applied to all material, with the ensuing effort and cost impacts.

Highly Confidential

Disclosure to unauthorised recipients would result in serious business impact being suffered by the University or its members. For example, the University's credibility as a first class institution being brought into question, or direct financial losses through the withdrawal of significant research grants / the inability to attract new grants. It is expected that this will cover a small proportion of research data.

Confidential

Disclosure to unauthorised recipients would result in business impact being suffered by the University or its members. For example, local press coverage resulting from the loss. This is also expected to cover a fairly small proportion of research data.

Unclassified

Disclosure will have very little or no business impact. The bulk of research data is expected to fall into this category.

To help determine the availability required of data, the following categories could be considered:

Highly Critical

Data needed for key functions which is probably available only from a limited source and impossible to recreate quickly. Its loss or errors in it would have serious implications.

Critical

Data needed for day-to-day working. It is not widely available and it would take considerable time and effort to recreate it. Its loss or errors in it would cause significant disruption.

Non-critical

Data not important to operation.

The required arrangements really depend on the criticality of the data, but the general rule of thumb is that:

  • Data should not be stored in only one location (e.g. on the hard disk of a PC).
  • It should ideally be stored on a network resource (e.g. server) that is effectively backed up either by ISS or the parent Faculty.
  • Backup arrangements should ensure that critical data is backed up daily, and that less critical data is backed up to the extent that loss of the original source would be nothing more than a minor inconvenience.
  • The backups must be kept securely and remotely from the computer being backed up and without contravening Data Protection legislation.
  • Any data that warrants encryption should be held encrypted on backup media where backups are performed under local arrangements.
  • Off-site storage should be considered for all critical back-up data, such as that associated with research.
  • Storage solutions must be designed to have minimal single points of failure (hardware, software, process and people).
  • People responsible for data backup and restoration should be suitably trained and supported as well as having the time to ensure this Policy is followed.
  • Any backup and restore scheme must be fully and securely documented.
  • The system must be tested and proven to work.
