New email security policy
The University has committed to putting ‘Digital’ at the core of everything we do as part of the University Digital Strategy (Word Document, Login required). This is in the context of globally-increasing cyber security threats and the forthcoming General Data Protection Regulations, which places increased obligations on the handling of personal data, with substantial financial penalties for non-compliance.
Improvements must be made to both IT security and information security throughout the University. To achieve this, we must now place limits on how we may access, and to which devices we may download, our University email. This is set out in the new email security policy:
Secure ways to access to your email
There are a number of ways to access your University email securely:
- University PC or laptop using the Outlook desktop program
- University Mac using either the Outlook for Mac or Mac Mail
- University Linux computer (either fully-assured Linux service or manually assured) using IMAP, if requested (see below)
Mobile device or browser
- University/personally owned mobile phone or tablet using the Outlook app* or ‘mail’ app, if they include the remote wipe feature**
- On any modern web browser you can be able to use Outlook on the Web (webmail)
*Available when staff are upgraded to Office 365 email
**Remote wipe will only be used in exceptional circumstances to prevent loss of University information or where a serious investigation involving fraud or misconduct is underway. The Outlook app has the benefit that a remote wipe will only affect University data, rather the all the phone data.
What do I need to do?
Some methods of accessing email such as programs which use IMAP or the Outlook desktop program download (or cache) the mailbox to local storage. This can lead to University information being stored on devices which the University does not control and about which we do not have the IT security assurance necessary to be certain the information will itself be safe.
Outlook on personal owned ‘home’ computers
If you are using Outlook (or an equivalent program) to connect from a non-University-owned computer you must remove your account from it. Instead you can use any of the above ways to access your University email.
Request access to IMAP
If you are using a University Linux computer you can request access to IMAP if it is essential to your work at the University. You will need to:
When your staff email account is upgraded to office 365 email, IMAP will be only be available to those who have requested it. After the staff email upgrade it will only be available on-campus, unless you have requested it everywhere (on campus and off-campus).
Need IT help?
Find out more about IT Services including training and help at www.le.ac.uk/itservices or contact the IT Service Desk on 0116 252 2253.