As January comes to an end – have you set any New Years Resolutions? (and have you kept up with any of them?). While you may not have thought about setting any cybersecurity goals, we have a couple of suggestions for good cyber habits to take into 2025.
1. Engage in regular Security Training
You can’t protect what you don’t know. If you’re a member of staff, make sure that you take the staff training annually. We want you to know what is expected of you and the University, to be alert to the threat of cyber-crime and have sufficient knowledge to identify incoming threats. If you’re a student you should look at this short course aimed at some key concepts for keeping you safe online at Oxford.
2. Use Strong, Unique Passwords and Password Managers
Passwords are a simple but powerful way to keep your data safe. Make sure you’re using strong, unique passwords for each account, following the University’s guidelines. 16 characters should be a minimum and using four words together with mixed case is quite helpful. You should avoid using the same password for multiple sites, so if one gets hacked, it doesn’t put everything else at risk.
To make managing passwords easier, we recommend using a password manager. These tools can help you create and store strong passwords without the stress of remembering them all, and they keep your info safe. Take some time to get familiar with how they work, and make sure you’re not reusing passwords across different accounts.
3. Enable Multi-Factor Authentication (MFA)
Multi-factor authentication (MFA) adds an extra layer of security by asking for something else, like a phone prompt, along with your password. This means even if someone gets hold of your password, they still can’t get in without that second step. MFA is compulsory on most University email accounts and we recommend you set up more than one method so you have backup in case you lose your phone or similar.
We also recommend the guidance from the National Cyber Security Centre on turning on two step verification for your personal email and other online accounts.
4. Use Secure Collaboration Tools
With remote work and digital communication being so common, it’s important only to use secure, University-approved tools for collaboration. These tools have encryption to keep your info safe and will have been through a Data Protection Impact Assessment and Third Party Security Assessment. Take some time to learn how to share documents securely, manage who has access, and avoid using platforms that are not approved for use with University data.
5. Stay Aware and Report Suspicious Activity
Keeping a strong cybersecurity culture means staying aware. We all have a responsibility to keep an eye out for any new threats and stay alert in everyday tasks. If you spot anything suspicious or run into a security issue—whether at work or on personal devices—be sure to report it. The quicker we catch things, the better we can help you and others avoid bigger problems and keep the University safe.
In 2025, our goal is to help everyone take charge of cybersecurity by learning and adopting key security habits. By staying on top of training, using strong passwords and password managers, turning on MFA, using secure collaboration tools, and staying alert, YOU can make a real difference in protecting sensitive data. All these steps will help keep the digital environment safe, supporting the University’s mission and building confidence within the academic community to safeguard your data.
Stay vigilant. Stay secure.
