Advice for remote working

Secure Remote Working Guidance

When working while off-campus, it is important for university staff to do the following to ensure the security and protection of University systems and data:

  • Access key resources using official URLs as listed here: http://www.nuigalway.ie/remoteaccess/
  • Work only on official University platforms including Blackboard, the University email system and the University’s Office365 environment which includes OneDrive, SharePoint and Microsoft Teams
  • For sharing of files and online collaboration, use OneDrive and/or SharePoint, both of which can be accessed alongside your email at https://www.office.com  
  • To share very large size files or for especially sensitive files use the HeaNet FileSender service
  • For online meetings, the recommended and supported platform is Microsoft Teams - this solution is both GDPR compliant and adheres to the University security policy.  Further information on the use of Teams is available here
  • Don’t use personal email accounts for emails involving University data
  • Ensure your computer, laptop, or device, is used in a safe location, where you can keep sight of it, and minimise who else can view the screen, particularly if working with sensitive personal data
  • Lock your device if you do have to leave it unattended for any reason. Make sure your devices are turned off, locked, or stored carefully when not in use.
  • Take extra care that devices, such as USBs, phones, laptops, or tablets, are not lost or misplaced
  • Before sending an email, double-check its addressing to ensure you’re sending it to the correct recipient(s), particularly for emails involving large amounts of data or sensitive personal data
  • Avoid retaining duplicate copies of data on your device. Please check that downloaded files are deleted from your computer’s Download Folder / Hard Disk once saved to OneDrive, SharePoint or Network folders and are not retained on devices where they may be visible to unauthorised individuals
  • If you are working without cloud or network access, ensure any locally stored data is adequately backed up in a secure manner
  • Keep any paper documents that contain University data secure when working at home – lock paper files away when not in use. Use a shredder / confidential bin when disposing of University documents
  • Consult with the University’s Data Protection website to ensure that you are familiar with our Data Protection Policies and Procedures, and please also have regard to this guidance from the national Office of the Data Protection Commissioner.
    • In regard to GDPR it is important to continue to comply with the legislation and some simple guidance is in this link https://dataprotection.ie/en/news-media/blogs/protecting-personal-data-when-working-remotely; and please consult with our data protection website for guidance and details of our data protection policies and procedures: https://www.nuigalway.ie/data-protection/
    • If you are volunteering or assisting another body (for example the HSE or other) during the period of the COVID-19 emergency unless strictly necessary please ensure that if you are given access to sensitive personal data(for example medical data) that such sensitive personal data is accessed, processed and stored on the other bodies systems so that the sensitive personal data is fully protected.
    • It is acknowledged that working from home provides a number of challenges not least of which is securing your work and protecting both your data and that of the University.  We would like to remind staff that best practice in this matter is contained in the following document:  https://www.nuigalway.ie/media/oifiganrunai/GDPR-ICT-Best-Practice.pdf and would remind staff that both ISS and the Data Protection Officer are available to address any queries you may have in this area. 

    Users of Zoom should familiarise themselves with the following:

    • Zoom GDPR compliance statement here
    • Zoom Privacy notice here 

    Having considered these users can then decide on the appropriateness of using Zoom for their meeting. If you are invited to a meeting by an external body using Zoom or any other product, University data should not be shared via the platform.