The University operates in a highly competitive global market for students, staff and research funding in which information is a valuable asset. At the same time the University must comply with the law and protect its interests – avoiding or mitigating the risk of damage or prejudice resulting from unauthorised or accidental disclosure, modification or destruction of information.
Information security, sometimes referred to as ‘information assurance’, is concerned with maximising the business benefit conferred by information while ensuring that the University also fulfils its legal and contractual obligations by balancing the demands of:
- Confidentiality– preserving authorised restrictions on information access and disclosure, including means of preserving personal privacy and proprietary information. A loss of confidentiality is the unauthorised disclosure of information.
- Integrity– guarding against improper information falsification, modification or destruction, and includes ensuring information non-repudiation and authenticity. A loss of integrity is the falsification, unauthorised modification or destruction of information.
- Availability– ensuring that information is made available as and when required for the University to conduct its business properly and without delay. A loss of availability renders information useless and without value.
IT Services is responsible for identifying threats, evaluating vulnerabilities and for implementing security measures, or controls, to address them. Threats are continuously evolving and posing new challenges that require constant vigilance and agility.
For further information on IT security, please contact:
David DeightonInformation Security Officer
University of Birmingham
Edgbaston, Birmingham B15 2TT, UK