Security

Information Classification and Handling Policy

The University has developed an Information Classification and Handling Policy to ensure that information is handled according to the risk or impact to ensure the confidentiality, integrity and availability of data.

The purpose of this policy is to ensure the appropriate handling of all formats of information by establishing a University-wide system of categorising information in relation to its sensitivity. The Policy also defines rules for the handling of each category of information.

Windows Domain Users

Most Windows users should be logged into the Caledonian domain. In this situation the web authentication process is transparent.

If a user attempts to access a page blocked under the IT Security Policy, an information page similar to Figure 1 will be displayed.

WebSecurity1
Figure 1

Internet Explorer (IE) users may first be prompted with a dialog box similar to that shown in Figure 2. Click Yes. The information page should now be displayed.

WebSecurity2
Figure 2

Non domain and Mac Users

A separate web authentication process requires to be completed before external Internet content in any form can be retrieved – whether web pages, RSS Feeds, software updates, images within email etc. It is therefore wise to web authenticate immediately after logging into the PC/Mac.

The web authentication process requires that pop up blocking is turned off for gcal.ac.uk web sites. If this is not done the authentication session will timeout after 1 minute. This will necessitate a repeat of the authentication process. See Appendix A for further information on configuring Popup Blockers.

Additionally, the web authentication process requires Java to be installed on the system. Appendix B walks through the Java installation process if this is not already present.

To authenticate, open a web browser and navigate to an external web page.

The web access authentication page will be displayed and the user prompted to enter their domain login credentials (Figure 3).

WebSecurity3
Figure 3

After successfully authenticating, a separate window will open (Figure 4). This window can be minimised but should not be closed during the current login session. Closing this window will require the user to re-authenticate.


WebSecurity4

 

Appendices

  1. Disabling popup blockers (PDF)
  2. Installing Java (PDF)
  3. Web Authentication Anomaly on Apple Macs (PDF)