New email security policy

A new email security policy has been published as part of the University’s commitment to improving data security and in readiness of forthcoming data usage legislation. It is important that you read and accept this. This will particularly affect staff who use Outlook on a personally owned computer or those using IMAP to access their University email.

Background

The University has committed to putting ‘Digital’ at the core of everything we do as part of the University Digital Strategy (Word Document, Login required).  This is in the context of globally-increasing cyber security threats and the forthcoming General Data Protection Regulations, which places increased obligations on the handling of personal data, with substantial financial penalties for non-compliance.

Improvements must be made to both IT security and information security throughout the University. To achieve this, we must now place limits on how we may access, and to which devices we may download, our University email. This is set out in the new email security policy:

Secure ways to access to your email

There are a number of ways to access your University email securely:

University computers

  • University PC or laptop using the Outlook desktop program
  • University Mac using either the Outlook for Mac or Mac Mail
  • University Linux computer (either fully-assured Linux service or manually assured) using IMAP, if requested (see below)

Mobile device or browser

  • University/personally owned mobile phone or tablet using the Outlook app* or ‘mail’ app, if they include the remote wipe feature**
  • On any modern web browser you can be able to use Outlook on the Web (webmail)

*Available when staff are upgraded to Office 365 email
**Remote wipe will only be used in exceptional circumstances to prevent loss of University information or where a serious investigation involving fraud or misconduct is underway. The Outlook app has the benefit that a remote wipe will only affect University data, rather the all the phone data.

What do I need to do?

Some methods of accessing email such as programs which use IMAP or the Outlook desktop program download (or cache) the mailbox to local storage. This can lead to University information being stored on devices which the University does not control and about which we do not have the IT security assurance necessary to be certain the information will itself be safe.

Outlook on personal owned ‘home’ computers

If you are using Outlook (or an equivalent program) to connect from a non-University-owned computer you must remove your account from it. Instead you can use any of the above ways to access your University email.

Request access to IMAP

If you are using a University Linux computer you can request access to IMAP if it is essential to your work at the University. You will need to:

When your staff email account is upgraded to office 365 email, IMAP will be only be available to those who have requested it. After the staff email upgrade it will only be available on-campus, unless you have requested it everywhere (on campus and off-campus).

Need IT help?

Find out more about IT Services including training and help at www.le.ac.uk/itservices or contact the IT Service Desk on 0116 252 2253.

Share this page: