The following Security Policies have now been signed by the Head of College, Deans of Research and Teaching, College Secretary and the the Head of Life Sciences Computing. These documents encompass acceptable use of University computing resources as well as security and privacy implications of the approved policies. They are to help support the culture of openness, trust and integrity and assist LSC in protecting the privacy and security of systems and data within Life Sciences. Here is a short summary of the Documents:

• Don't send or forward e-mails which may be considered directly or indirectly racist, sexist, ageist, homophobic or which may be discriminatory or offensive to the same or disabled, otherwise you and the University could be held liable (Acceptable Use Policy)
• Do not attempt to impersonate the identity of others or by any means send or receive e-mails misrepresenting the originator or recipient addresses (Acceptable Use Policy)
• Do not tell anyone else your password and do not use anyone else's User-id and password (Password Policy)
• Don't use a password that may be easily guessed or otherwise abused. Authorized personnel will conduct regular audits of user passwords and cracked passwords will have to be changed to more secure alternatives (Password Policy)
• Do not leave a logged-in computer unattended (Acceptable Use Policy)
• Do not connect personal ICT equipment to University facilities unless it complies with the network connection policy. Computers must have adequate virus and firewall protection and may be refused connection if deemed to be inadequately protected (University Network Connection Policy)
• Do not configure your computer to bridge between a secure VPN connection and home or other networks as this puts the University network at significant risk (Remote Access Policy).
• Do not make, transmit or store an electronic copy of copyright material without the permission of the owner (Acceptable Use Policy)
• Do not access material of an offensive nature without specific permission (Acceptable Use Policy)
• Do not store personal or confidential data about yourself or others unless it is protected from unauthorized access and complies with the Data Protection Act. Unpublished research data must not be posted on publicly accessible web sites (Acceptable Use Policy)

Life Sciences Computing and other authorized personnel will conduct regular security, password and network audits to ensure compliance with these policies. Any employee found to have violated of any of the policies may be subject to disciplinary action. These are intended to enhance existing University wide security policies available from ICS: Using IT responsibly