IT security

Everybody at Birkbeck - staff, students, visitors and all users of our systems - must work together to ensure the safety and security of IT systems and the data we are entrusted with. 

Find out how you can protect the data of our users

Protect your ITS user account

  • Never, ever share your username or password with anyone. 
  • Ensure your password is strong: as a minimum, your password should be eight characters in length and contain a mixture of letters and numbers. 
  • Only use your password to log in to services that you are sure are provided by Birkbeck. If you are in any doubt, check first by contacting us:

Beware of fraudulent emails (phishing)

  • Birkbeck staff and students may receive phishing emails, in which criminals attempt to obtain personal and financial information by posing as a legitimate email sender and asking for your username and password
  • A large number of these are caught by anti-virus and anti-spam software, but some get through. 
  • These scams may look like legitimate Birkbeck emails from ITS or Registry. You should also be wary of messages that seem to come from social networks (Facebook, Twitter, Instagram, LinkedIn), email service providers (Gmail, Hotmail), web services (Outlook, Microsoft) and from retailers. 
  • Fraudulent emails: 
    • will ask for your username and password and/or your financial details 
    • are usually anonymous (ie they don't include a person's name or contact details) 
    • often contain terms or language that you would not associate with Birkbeck 
    • often demand an urgent response 
    • haven't come from a legitimate Birkbeck account (click reply and see if the reply-to email is a Birkbeck one) 
    • contain embedded web links that are not on the Birkbeck website (float over the link without clicking on it to check the web address)
  • Trusted external links: official Birkbeck emails may contain external links for the following services: 
  • If in doubt, or if you have been the victim of a phishing scam, please contact us:

Bulk emailing 

  • Emails sent to groups of recipients should originate from our corporate systems, or be sent to distribution lists. 
  • If you have to send emails from outside of a corporate system, and an appropriate distribution list does not exist, please follow this advice: 
    • enter multiple email addresses in the BCC (blind carbon copy) field, as this will hide everybody's email address and avoid reply-all email chains 
    • send bulk emails from a verifiable College email account 
    • provide a named College contact, so recipients will know the email message is genuine 
    • choose a subject that clearly defines the purpose of the email 
    • take care in composing and checking the accuracy of the message content and recipient list 
    • provide an opt-out option for marketing emails, even after recipients have opted in. Student opt-outs are recorded on My Birkbeck 
    • do not send unsolicited marketing mailings. For those who have opted in, always acquire a fresh list sourced from corporate data, which will exclude those who have opted out of marketing communications 
    • avoid sending attachments in bulk email. If you must share a document, upload it to a Birkbeck-hosted web page and link to it 
    • avoid links to third-party websites. 

Security tips for ITS workstations

  • Never share your user ITS username and password with anybody. 
  • If you want to keep your work, make a backup copy. If you are editing or changing a file that you really need, it is best to make sure you have a backup copy before you start. 
  • Do your work on the N: drive and (if you want to) copy it to a memory/USB stick. If you save work on the C: drive it may be deleted at any time by another user or by ITS. 
  • Don't run programs if you don't know what they are or where they come from. Don't run wordprocessor or spreadsheet macros if you don't know what they are for. 
  • Don't open email attachments, even from people you know, unless you know what they are, and don't send email attachments unless it is something the recipient really needs. If your mailer lets you choose to send HTML mail, choose not to. 
  • Don't try to install any programs on ITS workstations. 
  • Read the Birkbeck Network Security Policy. 
  • Be wary of 'helpful' people you don't know giving you advice about using the computer. Never give them your ITS username and password. 
  • Always log off Windows when you finish your work. 
  • The most common cause of damage to computer systems is legitimate users making mistakes. Be vigilant and always make a backup copy.