Centre for Information Technologies, Faculty of Arts
Guidelines for Using IT
Software and Technology Guidelines
The university Directive No. 10/2017 Use of Information Technology, updated on 15 June 2020, regulates the use of information technologies at the Faculty of Arts.
The main novelty is the provision in Section 3(1): “Users are obliged to utilize solely MU IT for the fulfilment of their work tasks except for cases where there is a legal reason or a reason worthy of special consideration for another procedure.”
A similar requirement for the processing of research data is laid down in Directive No. 6/2013 Research Data: such data should be “processed solely through MU IT” (Section 3(4)).
The term “MU IT” is defined as “the set of hardware and software, networks and services intended for the processing of data at MU”, in other words, computers, programs and services managed by the university.
We have selected some typical procedures that illustrate both the meaning and the practical effects of this update. By following these procedures, you are not only following the established guidelines of the university, but also significantly contributing to the security of all your work data.
Working with emails
What NOT TO DO when working with emails
- I forward my work mail to a non-university address on an external server, not managed by the university (for example, seznam.cz or gmail.com). On this server, I process it and send mail either as a user of this server (e.g. email@example.com) or as a faculty user (e.g. firstname.lastname@example.org).
Why is it wrong?
Such services are often free, and their providers offer only minimal protection for the user and their data in the event of damage or loss. In addition, the provider typically monitors the data you give it and, based on machine analysis, may offer you advertisements; this is how you actually pay for the “free” service. For both of these reasons, services outside the MU administration are inappropriate for storing any internal, discrete or sensitive data (for instance, emails with attachments always contain at least internal information). The risk of compromising their security is unacceptably high.
When you use an external mail service to manage your mail, it also takes longer to resolve a cyber security incident, because the cooperation of an external entity has to be arranged first. Finally, sending mail from a non-university address does not represent the faculty well, because as an employee of the faculty you should be acting under its name.
What TO DO
I store work mail on servers managed by the university.
The primary option is to keep your mail in Office 365, a state-of-the-art solution that recognizes spam better and offers users the benefits of connecting with other Office 365 services.
We recommend using institutional (university or faculty) tools to read and manage your mail. This primarily means Microsoft Outlook, which can be installed on your home computer as part of the MS Office 365 suite or accessed online in your browser.
Working with data storage
What NOT TO DO when working with data
- I store my work data in private storage (e.g. Google Drive, Dropbox, iCloud, etc.).
- I store my team work data in private storage (e.g. Google Drive, Dropbox, iCloud, etc.) and share it with others using their private accounts within the same service.
Why is it wrong?
The data is stored in private storage not established by the university, so it is not covered by the legal arrangements that we have in place with the data storage operators. This creates a potential risk of a sensitive data leak; the data may also be subject to non-European (non-GDPR) data protection legislation. Again, the most common services are free of charge and the same risks apply as described above for e-mail (data corruption, loss or security compromise). When using university storage, the employee can rely on a certain level of security for their data, because it is covered by contractual arrangements under Czech and EU legislation.
What TO DO
- I store my work data in services provided or managed by the university:
  - Your data will be backed up and, at the same time, available on multiple devices (including mobile devices).
  - You can conveniently share your documents with any MU employee or student, as well as with external users.
- For general work data, we primarily recommend using OneDrive (part of Office 365):
  - You can edit MS Office documents (docx, xlsx, pptx) in Word, Excel or PowerPoint installed on your PC, or in a browser.
- For long-term document sharing within work teams (independent of personal storage space), we recommend using Office 365 Groups, while for larger projects the more robust Microsoft SharePoint solution may be more appropriate. Both services are part of the Microsoft Office 365 suite. If you need help with your selection, please contact the CIT.
- There are other university services that can be used for both scenarios (personal work data, team work data); see the storage description in the IT Service Catalogue.
A good starting point for choosing the right storage location is the Storage Use Recommendations page - it includes practical advice on how to identify the type of data in terms of confidentiality (public, internal, discrete, sensitive), describes the available MU storage locations and recommends appropriate storage for each type of data.
Using technology while working from home
What NOT TO DO when working from home
On my private computer...
- I keep my work data and administer work email, but I have no time to update my operating system and programs, nor do I use any antivirus.
- I use an illegal copy of the operating system.
- I work under one account with other family members; I have no password to secure my account, because it is a time-consuming task.
Why is it wrong?
Working from home places even greater demands on the protection of work data than using employee computers, because you must perform routine operations yourself (OS and program updates, incl. antivirus, and user account management). Working on a private computer also involves data that is internal, discrete or sensitive (email correspondence, personal data, research data), and we have a duty to protect it from unauthorized access by others (including family members).
A computer with insufficient security (missing or out-of-date antivirus, illegal or out-of-date operating system, programs that have not been updated) increases the risk that an attacker can access the data, for example, through a downloaded file containing malware or a website containing malicious code. A shared account puts your work data at risk of being lost or (even if unintentionally) made available to someone else.
What TO DO
Ideally, get your own PC/notebook for working from home and ask the CIT to perform the initial installation and configuration. If this is not possible, it is absolutely necessary to do the following:
- Use a legal operating system that you regularly update (you can set up an automatic update).
- Use a fully updated antivirus/anti-malware program and e-mail client (preferably Microsoft Outlook).
- Regularly update all installed software, especially web browsers and their components (usually, you can choose automatic update directly in the program settings).
- When you work, connect via the MU VPN. It not only gives you access to services available only from the university network, but also makes your connection safer: your Internet activity is encrypted, so anyone who happens to be watching it will not be able to read the data sent over the VPN connection.
Furthermore, if a private computer is used by multiple members of the household, it is absolutely necessary to set up a separate account for each user and protect each account with a password so that users do not have direct access to each other’s data.
When it comes to working with documents, we recommend that you work with the university online storage and save data on your private computer only when necessary (for instance, when you need to edit a file).
For a number of other practical recommendations for securing your devices, including tablets and mobile phones, see the Security of Devices online lesson, which is part of the Cyber Compass university e-learning course.