Welcome to the UWA Cyber Security site
Find information and advice on how to protect your data and stay safe online.
The Cyber Security team at UWA provide a range of security services and resources to assist all members of the UWA community to protect University data and computer systems.
Cyber Security at UWA
- What is Cyber Security?
- Cyber Security is a body of technologies, process and practices designed to protect information and systems from cyber-attacks, damage or unauthorised access.
- Why we need Cyber Security?
- University data can contain sensitive information such as intellectual property, financial data or personal information for which exposure or unauthorised access could result in reputational damage or loss of critical services.
- Who is responsible for Cyber Security?
- All members of the UWA community have a responsibility to protect information that they access, possess or produce on behalf of the University.
Cyber Security services
The Cyber Security team at UWA provide a range of security services. These are intended to help all members of the UWA community to protect University data and computer systems.
For more information on any of offered services, or if you wish to engage the Cyber Security team, you can find our contact details at the bottom of this page.
Cyber Security awareness and training
- Providing face-to-face awareness training to staff on cyber security topics.
- Assisting with and producing cyber security guidelines and awareness material.
Cyber Security consultation services
- Conducting assessments of your systems or applications to identify security risks and assess compliance with policy.
- Assisting with risk mitigation plans and providing recommendations for controls to secure your systems or applications.
Cyber Security incident mitigation and response
- Responding to cyber incidents and containing threats.
- Conducting post-incident analyses to identify root causes and determine appropriate mitigating controls.
Stay Safe Online
Cyber risks are growing and attacks are getting more sophisticated. To stay secure we need to understand how to identify threats, secure our devices and protect our data.
This page provides advice on how to protect your data and University IT systems as well as information on the latest online threats and how to respond.
- Email scams and phishing
- Think before you click! Learn about how to identify email scams and phishing attacks, which are designed to steal personal information or gain access to University systems.
- Avoid malware infection
- What is malware and how do you avoid becoming a victim? Learn what steps you can take to identify and protect your devices and University information.
- Secure your devices
- Get familiar with some basic steps that you can take to ensure your computer and other devices you use are protected from a cyber-attack.
- Safe Internet browsing
- Learn about the steps you can take to stay safe and protect your personal information when you are browsing the Internet.
- Protect your passwords
- One of the most common forms of cyber-attack is via weak passwords. Is your password weak and are you following good password practice?
- Travelling with electronic devices
- If you are travelling for business or personal reasons it is imperative you take extra caution when using your mobile devices.
- Protect your sensitive data
- If you need to transfer or share sensitive data, follow these simple steps to ensure only authorised people have access to University or personal information.
Report a cyber security incident
All members of the UWA community, including staff and students, have a responsibility to protect information that they access, possess or produce on behalf of the University.
The Cyber Security team is responsible for assisting University staff and students to comply with University IT security policies and associated standards.
If you have been a victim of cyber-crime or suspect that malicious activity is taking place, please report the incident to University IT.
What is a cyber security incident?
A cyber security incident is any attempted or successful unauthorised access, disclosure, or misuse of University computing systems, data or networks (including hacking and theft).
A cyber security incident may involve any or all of the following:
- a violation of IT Security Policies or Standards
- unauthorised computer or system access
- loss of information confidentiality
- loss of information availability
- computer or device theft
- compromise of information integrity
- a denial of service condition against data, network or computer
- misuse of service, systems or information
- physical or logical damage to systems
How to identify a cyber security incident
Examples of cyber security incidents include but are not limited to:
- lost or stolen equipment
- presence of a virus or spyware or any other malicious program, including alerts from your antivirus software that your computer may have malware
- sudden appearance of unexpected/unusual programs
- posting of confidential/restricted data to a publicly accessible website
- inadvertent sending of restricted data to unauthorised recipients
- establishment of an unauthorised accounts for a computer or application
- unusual network connections to a computer or an application
- sharing or revealing of University account passwords
How to report a cyber security incident
All suspected cyber security incidents or activities involving inappropriate use must be reported to University IT. Call the IT Service Desk on ext. 1515 (+61 8 6488 1515) or email firstname.lastname@example.org
Policies and guidelines
Our policies define the rules that we must follow when using UWA IT systems. These rules are in place to ensure that we comply with laws and regulatory mandates and also to protect the confidentiality, integrity and availability of the University’s data.
Download a copy of the University's appropriate use guidelines:
University IT security policies and standards
All users and administrators of University IT facilities and services need to be aware of specific IT security policies and standards and consider them in their day-to-day use and administration of University information and IT systems:
Appropriate use guidelines
The appropriate use guidelines are an easy to read reference of the University's Computer and Software Use Regulations. As a condition of use of University IT systems, all users are required to comply with these regulations.
Security is everyone's responsibility. By following these guidelines we are all working together to ensure our University is not exposed to risks including the loss of confidentiality, integrity or availability of our data and systems.
You should not:
- Share your University username and password with others or use someone else's username and password.
- Access, copy, alter or destroy any University data, emails or other systems that you are not specifically authorised for.
- Possess, download, upload or distribute any material that may be illegal or subject to copyright, including pirated films and other unlicensed, unlawfully obtained or unauthorised media or software, as well as any malicious software or offensive material.
- Access, distribute or share University course materials, software licenses or research materials without appropriate authorisation.
- Use University IT systems and services to distribute any unsolicited emails such as SPAM or malware.
- Use University IT systems and services to bully, stalk or harass anyone.
- Use University IT resources to run a business or e-commerce platform.
- Use your University staff or student emails for registration of personal social media or any other personal accounts.
- Only use University IT systems and services for which you are specifically authorised to use.
- Use University IT systems and services for appropriate and authorised purposes only i.e teaching, learning, research and academic purposes.
- Report any suspicious behaviour or violations of the University’s Computer and Software Use Regulations to University IT.
- At all times lock your computers and mobile devices when you are leaving them unattended for any length of time.
- Avoid using the same password for your University and personal accounts.
- At all times comply with all relevant University policies and only use University IT systems and services in a way that is ethical and lawful, while respecting the privacy and personal rights of others.
Security Tip of The Day
- Don't Login on Untrusted Computers
- Mon, 19 Nov 2018 00:00:00 EST
- A password is only as secure as the computer or network it is used on. As such, never log in to a sensitive account from a public computer, such as computers in a cyber cafe, hotel lobby or conference hall. Bad guys target public computers such as these and infect them on purpose. The moment you type your password on an infected computer, these cyber criminals can harvest your passwords.
- Read more
- You Are a Target
- Fri, 16 Nov 2018 00:00:00 EST
- You may not realize it, but you are a target. Your computer, your work and personal accounts and your information are all highly valuable to cyber criminals. Be mindful that bad guys are out to get you.
- Read more
- [Information] - IoT "Internet of Things"
- Published Wed, 14 March 2018
- Read more
- [Information] - New Cyber Security website
- Published Fri, 16 Jun 2017
- Read more
- [Information] - VPN "Virtual Private Network"
- Published Tues, 10 April 2018
- Read more
- [Advisory] - Meltdown and Spectre vulnerabilities - what you need to know
- Published Wed, 31 Jan 2018
- Read more