Skip to content
contact us | home | accessibility


Google Custom Search
good practice and innovation
about us infoKits Tools & Techniques Publications Events
You are here: Home » infoKits » Information Lifecycle infoKit » Semi-Active Use » Is Your Information Safe?
Information Lifecycle infoKit

Information Management


This infoKit is a strand within the Information Management resource. Use one of the following links to view more on a particular lifecycle phase.

Is Your Information Safe?

The seventh principle of the Data Protection Act states:

'Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.'

This should act as a reminder that not only is it in the obvious interests of the institution to appropriately protect its information assets, but also potentially to a much wider set of stakeholders whose rights in this regard are enshrined in law. Clearly this is a pertinent issue throughout all phases of the information lifecycle, but is often perhaps most pressing an issue when the immediate use of the information diminishes and interest in it wanes. It is during this phase, as with so many other elements, that agreed management controls can inadvertently slip and good practice be forgotten.

The Overlooked Importance Of 'Good Housekeeping'

It is often the simple things which are overlooked but which can make the biggest difference. Although few of us ever manage to leave for home each night having left a completely 'clear desk' behind, users should be encouraged to at least ensure that confidential or sensitive material is locked away when not in use. Likewise, ensuring password protected screen savers are used, especially on PCs kept in open environments, is another simple yet effective preventative measure. Even such simple steps as ensuring that monitors being used in the processing of sensitive data cannot be read through a window or passing corridor can help.

Users should also be given guidance on what constitutes a good password (i.e. one which avoids proper names and includes numbers and symbols). When designing systems, consider whether to enforce the regular changing of user passwords - but beware that one unintended side affect of doing this might well be to encourage users to write their new password in obvious places rather than commit it to memory!

External Service Providers

There is an increasing trend for institutions and individual users to rely on online services provided by external companies to create and store information. This could be anything ranging from so called 'social software' services providing wikis, blogs and other online systems, to external hosts of online email and office applications.

It is worth giving careful consideration to the nature of the content users are entrusting to these services, and the guarantees you have regarding continued service delivery. Many of these companies are small with products in a perpetual state of beta development. It is inevitable in a competitive commercial environment that some services will be withdrawn and companies dissolved, potentially with little or no notice.

As such it would be unwise to rely on such services as the sole means of storing information considered to be of any real significance or value.
Bookmark and Share
Link to the JISC Website

© 2012 Northumbria University, on behalf of JISC Advance
JISC infoNet is a JISC Advance service
This website is powered by Plone | Cookies Statement

Creative Commons

 JISC Advance logo
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)