Web filtering is intended to prevent university facilities (software, computers, networks and offices) from being used to access illegal material.
If you attempt to access a site that is in the 'blocked' categories of the web filter, a message will appear on your web browser. It will inform you that the site you are attempting to access has been blocked by University policy. If you need access to the site, please contact the IT Service Desk, and the request will be reviewed and if appropriate, an exception in the rule will be made for you.
Web filtering is in line with the University's current Rules & regulations for the use of information and communications technology policy, which inhibits the use of its IT and networks for accessing a much wider range of offensive material, as well as PREVENT related material.
The University has various responsibilities ranging from legal and regulatory compliance to reputational damage. Web filtering is intended to prevent university facilities (software, computers, networks and offices) from being used to access illegal material.
Web sites that publish illegal content.
Material that would contravene the protection of children, counter terrorism and security legislation. Other statutes could be used.
The University does have a statutory obligation under the Prevent responsibilities of the Counter-Terrorism and Security Act 2015 to have "due regard to the need to prevent people from being drawn into terrorism".
Under Prevent we have a responsibility to review our use of filters as a means of restricting access to material promoting terrorism.
If you attempt to access a site that is in any of the 'blocked' categories of the web filter, a message will appear on your web browser. It will inform you that the site you are attempting to access has been blocked by the University policy. If you need access to the site, please contact the IT Service Desk, and the request will be reviewed and if appropriate an exception to the rule will be made, or the block will be removed entirely.
Any blocks to academic research encountered will be looked at as a priority, and where required the University will work with all concerned to obtain the appropriate permissions.
The University is not making judgements about "acceptable content", but only aiming to protect its staff from accessing illegal content. The University also has a responsibility to protect its infrastructure from harm, including cyber security threats.
No. This policy protects academic freedom, which is also protected under law. Academic freedom, however, does not extend to breaking the law.
In line with our treatment of other web traffic, records created by the web blocking service will not be routinely monitored, although they will be kept. ILS will monitor the general performance of the service for operational reasons. However, again in line with policy for our other services, no investigation into, or dissemination of specific events will take place without the appropriate sign off from the relevant authority (eg: HR, VCO). The logs will be kept for a period of one year, at which point they will be deleted and considered non recoverable.
There is no plan to include other web sites, although the policy will be under continuous review if new regulations are made, and staff would be told in advance if new categories of filtering were going to be introduced.
The parameters of the filtering were considered and approved by the Information Assurance and Security Committee . The filtering is limited only to sites delivering illegal content, such as child abusive images, or material promoting terrorism – in line with our statutory duties.
Yes, there are already several layers of cyber security.
JISC protects the JANET infrastructure by monitoring and filtering and that includes blocks on some malware sites.
The University already has filters in place to block malware sites and certain network protocols.
Anti-virus software on user's machines may block material.
Email is filtered by Mimecast, the security software to detect messages that contain malware or links to malware sites. Mimecast also checks
for phishing attacks and routinely blocks and removes such email.
Revealing what is filtered would only provide the site publishers a mechanism to avoid the filters. Unless operationally essential the university will not divulge security details.
Unsurprisingly staff are law abiding and the number of filter activations are very low. During the trials, some of the activations were false positives and that has allowed the filter settings to be refined.