As part of an ongoing security project, Digital and Technology Services and Governance & Assurance teams have been working collaboratively to improve our security controls.

Following our communication in March 2021, we are pleased to inform you that progress is going well. Over the last two months, we have enabled the report phishing button in Outlook, updated the university password policy and made Multi-Factor Authentication a requirement for all Virtual Desktop users.

We are now continuing with the planned security enhancements from now until Summer 2021 as follows:

Introducing Multi-Factor Authentication for Microsoft 365 (Office 365)

We are asking all users to start using Multi-Factor Authentication (MFA) to approve access to Microsoft 365 (Office 365) services. We have already seen a number of early adopters successfully using MFA and some have provided useful feedback to the project team.

We would like to encourage more users to adopt this extra level security before it is compulsory for all during Summer 2021.

Opt in now by following these steps:

1. Set up MFA if you haven’t already, follow the link on how to do this
2. Look at the Securing 365 SharePoint site as it’s got some FAQs you might want to read
3. Fill in the Opt In Form and submit
4. Send any feedback or concerns you may have to us using the Feedback Form and we can then help

Note, once you Opt In to using MFA with Microsoft services, you may need to approve authentication a number of times for each app and device that you use. If you use a third-party mail app (such as Mail on Apple iOS) then you will need to delete the mail account and re-add it in order to approve the authentication.

Further details and FAQs are available here.

Improving security on university managed devices

In March we also announced upcoming improvements to securing university managed devices (Windows). To achieve this, the project has been working on the following:

Remote Device Patching – Whilst a large proportion of users work away from campus, we have encouraged regular connections to the VPN in order to download the latest software and security updates on their university managed Windows devices.

To make this an easier process for staff and postgraduate researchers with these devices, we have now made available a new automated patching service from Microsoft.

To take advantage of this while still working remotely, you will need to connect your device to the VPN and follow these steps:

1. Log onto the VPN (ideally first thing in the morning)
2. Lock your device (Ctrl+Alt+Del or Windows+L) (leave for a 5 minutes)
3. Unlock your device and continue working
   At Lunch time please:
4. Lock your device again (Ctrl+Alt+Del or Windows+L) (leave locked while you are at lunch)
5. Unlock your device and continue working

Once done, Windows updates and security patches will be automatically downloaded without need for connecting to the VPN.

Should you be on campus with your device and are connected to the university network, the steps above are not required as your device will be automatically detected and automatic patching will be enabled.