• Home
  • Protect your business: look after your information
Guides

Protect your business: look after your information

The issue

The increasing use of cloud and mobile presents organisations with new information security challenges.  When you put information in the ‘cloud’ you are putting it outside your controlled institutional environment. 

Breaches in information security can have serious legal and financial consequences for an institution, jeopardising its reputation and even its ability to continue operating. Information must be secure but accessible so that staff and students do not seek alternative, less secure routes to the information they need.

What you can do

Develop a robust security policy

Institutions are developing information security policies that meet requirements for both accessibility and security.

If you need to develop, review or implement a policy, then the information security toolkit can help you through the steps.

Get trained – or train your staff

By training your staff and students in information security, you can greatly reduce the risk of security failures.  You might consider attending one of our training courses which include sessions on information security policies, managing IT security, the use of firewalls and log files and digital forensics in case of cybercrime.

Make sure the identities of staff and students remain safe

You will need to provide staff and students with an identity so that they can be authorised to access online information securely. See our videos for examples of how institutions have used identity management to restrict access to particular resources to a closed group or even an individual.

The identity management toolkit describes the roles, structures and policies required for good identity management and the systems and processes that support them.

Understand the law

We can provide you with briefings on a range of legal issues related to information security including data protection, computer misuse, cloud computing, liability, interception and monitoring - or call the Jisc Legal helpdesk for more information.

Key questions

What issues should we consider before signing-up to a US-hosted service? 

Our briefing describes how you can remain compliant with UK data protection requirements when transferring personal data to US organisations.

Can I see an example of a learning provider using the cloud securely?

Read our case studies to find out more about security in four different cloud computing scenarios.