GDPR Self-Check

The scope of GDPR is vast and complex however by following these basic security measures you greatly reduce your personal risk of a data breach. ​If you need advice or assistance with any of these measures please contact


Use a strong password for your computer and all UCD Systems. Never share this password. 

10 characters long, consisting of numbers, letters and special symbol, with a mix of upper and lower case.

Encrypt your computer hard drive, and any external storage devices you use for UCD data.

Both Windows (Bitlocker) and Mac (FileVault) have built-in encryption capabilities, but they need to be enabled 

Device Encryption Guide

Install anti-virus software, enable automatic system updates, and turn on your firewall.

Sophos endpoint protection is available as a free download for Windows and Macintosh computers from UCD software downloads.  Sophos Antivirus for Android and Linux can be downloaded from the Sophos website. 

Note: Sophos is not currently compatible with macOS 11 Big Sur.  Avira can be used until Sophos resolves this issue. 

Encrypted and pin code your mobile devices, e.g. phones, tablets.

Device Encryption Guide

If you cannot secure your personal device as required please do not use it for UCD purposes.

Store UCD data on UCD systems only, e.g. Google Drive, Novell, and delete data inline with UCD retention policy.

For more information see UCD data classification matrix.   

Third-party services should not be used to store UCD Data, e.g. Dropbox, iCloud etc

UCD retention policy: Student Records - Finance Records - Employee records

Store UCD paper documents securely and shred when required in accordance with UCD’s retention policy.

UCD retention policy: Student Records - Finance Records - Employee records

Regularly run Google security check-ups on your UCD Gmail account. 

Go to to check recent account activity and find out who else, and which apps and services has access to your University information. 

Use UCD email carefully and safely

bcc on group emails, and always confirm recipient address is correct. 

Be aware of phishing emails and Social Engineering scams, always verify web links and never open unexpected attachments.

Encrypt confidential files before emailing them. Send the decryption password by separate means, either by text, in person or over the phone.  

Share UCD data, both physical and digital, carefully and only with those authorised to view it.

For example, do not post lists of student names, numbers, grades etc on public or even semi-private forums like Brightspace or Moodle. 

Avoid printing personal data to common area printers, or ensure the print out collected immediately.

Only use your UCD email address for University purposes.

Use a personal email address when creating social, personal or domestic online accounts.

On-Campus use the cabled network or Eduroam Wi-Fi network. When working remotely use the UCD Staff VPN 

Particular care should be taken when working on free Wi-Fi networks, such as a Hotel, Coffee shop or Airport hotspot. 

Accessing the staff UCD VPN 

Report all incidents 

In the event of a data breach contact the Computer Science Head of School and immediately.  Avoid making your own judgement call on the seriousness of the issue.