Skip to main content

IT Security Best Practice

Learn how to protect your personal data with our cybersecurity best practices.

Making sure the information we value is kept secure is important – whether this is your personal, banking, or medical records, or your University staff, student or research data.

Follow the best practices below to help keep your sensitive information secure, both in your work and personal lives.

1. If you can’t see your screen, lock your machine

Lock your computer/mobile device if you are away from it. If you leave your computer unlocked, anyone could use your account to access our systems and information.

2. Be mindful of people around you, who may be watching your screen

Someone shoulder-surfing or watching you type your password and other key information is as good as you writing it down.

3. Use complex passwords and Multi-Factor Authentication

Strong passwords contain combinations of upper and lower case letters, numbers and symbols. Layer up your security with Multi-Factor Authentication (MFA) when it's available.

You can change your password for your University Microsoft 365 account by signing into your My Account page and selecting the 'Change Password' link.

4. Never share your account or password with anyone

You are responsible for your own account and what is done with it. Using a trusted Password Manager can help you to create and manage the passwords for all your accounts.

5. Install updates

Install software updates to help reduce security vulnerabilities that criminals may try to exploit.

6. Be mindful of what, and how, you share information on social media

Use your privacy settings to manage your online presence and avoid oversharing, as cyber criminals may use your content to inform spear-phishing attacks.

How to report IT security concerns

Report concerns or suspicious activity to help protect everyone, and to limit the impact of an attack.

If you have received a phishing email, please report it using the Report Message Add-in within Outlook – deleting it protects you, but reporting it protects everyone.

If you are concerned or think your personal data has been compromised, please report it immediately to our IT Security Team via TOPdesk, or by emailing This will allow us to investigate, and take remedial action to limit the impact of an attack or compromised account.

Complete the Cyber Security Awareness course on Moodle

Go to the Cyber Security Awareness course