Security
Keeping your University account details secure is crucial, not only for protecting your email account, but also for preventing unauthorised access to a whole host of University services and data. As a result, the University places a lot of emphasis on password security and it's important you do your bit to keep your password safe.
An introduction to information and data security
An introduction to information and data security
Reporting IT security incidents
To report an IT security incident please contact the IT Service Desk:
- Email: itservicedesk@surrey.ac.uk
- Phone: +44 (0)1483 689898 / ext. 9898.
How to keep your personal device secure
Keeping your computer up-to-date is one of the easiest ways to remain secure, however it is something many people often neglect.
Periodically, software manufacturers release updates to fix flaws that could be used by malicious attackers to gain access to systems. It is vitally important that you ensure your devices are kept up-to-date.
Below are guides to help you ensure that your device is up-to-date and secure:
Antivirus
Antivirus protects your computer from malicious software infections. It is important for you to ensure you have an antivirus program installed on your device and that it is up-to-date.
Most current day laptops and desktop computers come with either built-in antivirus or a subscription to a well-known antivirus product.
If your antivirus is a subscription, then it is important you either renew this or switch to a different antivirus program when this subscription runs out. Failure to do this will leave your machine at risk of being exploited.
Phishing emails
Phishing is when malicious criminals attempt to trick you into believing a message you have received is from a trusted source.
You can help tackle phishing attacks by forwarding suspicious emails to phishing@surrey.ac.uk or use the ‘Report Phish’ button in Outlook. If you are unsure if the email is genuine we will always be happy to help you.
Password advice
It is important that you use a strong and unique password to secure your University account.
The University recommends using the "three random words" method - where you combine three random words to create a password that is long enough and strong enough to withstand attack.
There are things to avoid when creating your password such as:
- Using memorable dates such as your birthdate
- Swapping letters for numbers (for example, swapping an "o" for a zero)
- Using the names of your pets, your children or popular culture references
Password strength and complexity is dynamically evaluated for University of Surrey accounts at the time you choose your password; if a password meets sufficient length, complexity, age and history requirements it will be permitted.
It is important that your password is easy for you to remember. Other things to note:
- You must never write your password down
- Your password must be unique (not a password you have used anywhere else)
- You must not share your password with anyone, even within the University
Whilst the University does not currently offer a password manager, you are free to use one if you choose.
Password managers are software designed to store passwords safely and securely. There are many options on the market that offer this service. Some of the more popular options include:
- LastPass, KeePass, Keeper, Password Safe, Dashlane
- Most modern browsers also include a basic password manager feature
Using a password manager means you can have many longer and more complex passwords, without having to repeat them or worry about forgetting them.
If you think your password has been compromised:
- Report the incident immediately via the Report a breach form
- Immediately change the password following the instructions and then report the incident to the IT service desk by calling 01483 689898 / ext 9898
Need more help?
MySurrey Help is packed with answers to the most common questions, and Surrey Support is available if you would like to ask a question to one of our support services.