Microsoft Remote Web Access – Data Protection Guidelines
The following guidelines will help you to keep your data safe when accessing it remotely. You may wish to use these as part of a School Remote Working Policy that you ask people to acknowledge and sign before allowing them access to work remotely.
- Never share usernames or passwords.
- Do not save usernames or passwords on public or shared computers.
- Passwords must be strong. A strong password will contain a mixture of lower and upper case letters, numbers and symbols. It should not be like your name, username, friends’ or family members’ names. It should not be a dictionary word, a common name or a keyboard pattern (e.g 12345 or qwerty). It should be at least 8 characters in length: the greater the length the greater the security.
- Sign out of the Remote Web Access session when you have finished, rather than just closing the web page.
- If you believe that your user credentials have been compromised, report this immediately and change your password as soon as possible.
- Do not print out sensitive or personal data to a local printer from a remote access session
- Do not save sensitive or personal data to a local PC or other storage device from a remote access session, unless you are using a school supplied encrypted laptop or encrypted storage device.
- If using an iPad to connect, and you share that iPad with another person, ensure that you delete any remote access connections you configured after you finish your session.
- Devices used to connect must be fully up to date in terms of windows and other software updates and anti-virus software
