Welcome to UWA Cyber Security

Cyber Security is a body of technologies, processes and practices designed to protect data and other digital assets from cyber-attacks, damage or unauthorised access.

University data can contain sensitive information such as intellectual property, financial data or personal information that all members of the UWA community have a responsibility to protect.

Our services are available to all members of the UWA community, helping you protect your and the University's data and digital assets.

Cyber Security awareness and training

Providing awareness training, including face-to-face workshops and presentations to staff on cyber security risks and good practices

Cyber Security consultation services

Assessing the potential security risks and exposures of your project, systems, applications and proposed third-party contracts

Identifying pragmatic safeguards to assist you deliver your goals in a secure manner

Assisting with interpretation and application of security policies and guidelines

Cyber Security incident mitigation and response

Responding to cyber security threats, vulnerabilities and incidents.

Conducting post-incident analyses to identify root causes and determine appropriate mitigating controls.

 
You may request the above cyber security services through the University IT Service Desk. Call ext. 1515 (+61 8 6488 1515) or email servicedesk@uwa.edu.au.
 
We work closely with the University's Information Governance Services to enable 360° information security. If you would like to know more about information classification and handling, privacy, record keeping and retention, please visit the Information Governance Services website

Policies and standards

At the heart of our cyber security efforts is the mission to enable users of the University’s IT assets and services, our students, staff or third parties, to do their business and achieve their goals in a secure manner. In turn, everyone has to be aware of certain security responsibilities and the role we all play in maintaining adequate security. Our policies define the principles that the University Community must follow when using UWA IT systems and services.

Acceptable Use of IT Policy

IT assets and services of UWA are shared resources that underpin teaching, learning, research and core business activities. The Acceptable Use of IT Policy details your personal security requirements when using IT to maintain a secure, ethical, productive and reliable IT environment for the benefit of all of us.

Cyber Security Policy

UWA recognises that cyber security is a fundamental enabler of its mission and strategies. Without secure and reliable information, we cannot provide world-class education, trusted research and community engagement. The Cyber Security Policy commits the University to preserving the security of its IT assets and services, and expresses risk-based cyber security principles.

Cyber Security Management Framework

The Cyber Security Policy mandates the development and implementation of a Cyber Security Management Framework (CSMF) that provides detailed requirements for the protection of IT assets and services. This University IT Standard is based on the ISO27001 Standard to leverage industry best practices, benchmark security performance and enable continual improvement.

Cyber Security Guidelines

Protect your digital self

Email scams and phishing
Think before you click! Learn about how to identify email scams and phishing attacks, which are designed to steal personal information or gain access to University systems.
Safe Internet browsing
Learn about the steps you can take to stay safe and protect your personal information when you are browsing the Internet.
Protect your passwords
One of the most common forms of cyber-attack is via weak passwords. Is your password weak and are you following good password practice?
Travelling with electronic devices
If you are travelling for business or personal reasons it is imperative you take extra caution when using your mobile devices.

Protect your devices

Avoid malware infection
What is malware and how do you avoid becoming a victim? Learn what steps you can take to identify and protect your devices and University information.
Secure your devices
Get familiar with some basic steps that you can take to ensure your computer and other devices you use are protected from a cyber-attack.
Protect your sensitive data

If you need to transfer or share sensitive data, follow these simple steps to ensure only authorised people have access to University or personal information.

Protect your University

Acceptable Use of IT Brochure
Here is a printable brochure explaining the requirements of the Acceptable Use of IT Policy.
Accessing regulated digital content from University networks

Learn how to request access to websites considered as regulated digital content.

If you have been a victim of cyber-crime, detect an incident or suspect that malicious activity is taking place, please report it to University IT and help us respond faster.

How to report a cyber security incident

You can call the IT Service Desk on ext. 1515 (+61 8 6488 1515) or email servicedesk@uwa.edu.au to report an incident.
 
If you wished to make an anonymous complaint or disclosure, you may submit your report through the Complaints portal

How to identify a cyber security incident

Any attempted or successful unauthorised access, disclosure, or misuse of University computing systems, data or networks (including hacking and theft) can be considered as a cyber security incident. It may involve:
 
•    a violation of IT Policies or Standards
•    device loss or theft - personal or University owned
•    unauthorised computer or system access
•    loss of information confidentiality
•    loss of information availability
•    compromise of information integrity
•    a denial of service condition against data, network or computer
•    misuse of service, systems or information
•    physical or logical damage to University devices and equipment
•    tempering with the configuration of University devices and equipment
•    presence of a virus or other malicious program, including alerts from your antivirus software that your computer may have malware
•    sudden appearance of unexpected/unusual programs
•    posting of confidential/restricted data to a publicly accessible website
•    inadvertent sending of restricted data to unauthorised recipients
•    establishment of an unauthorised accounts for a computer or application
•    unusual network connections to a computer or an application
•    sharing or revealing of University account passwords

Security Tip of The Day

Personalized Scams
Tue, 22 Oct 2019 00:00:00 EST
Cyber criminals now have a wealth of information on almost all of us. With so many hacked organizations now a days, cyber criminals simply purchase databases with personal information on millions of people, then use that information to customize their attacks, making them far more realistic. Just because an urgent email has your home address, phone number or birth date in it does not mean it is legitimate.
Read more
Mobile Apps
Mon, 21 Oct 2019 00:00:00 EST
Only install mobile apps from trusted places, and always double-check the privacy settings to ensure you are not giving away too much information.
Read more

Announcements

[Information] - VPN "Virtual Private Network"
Published Tues, 10 April 2018 
Read more
[Information] - IoT "Internet of Things"
Published Wed, 14 March 2018
Read more
[Advisory] - Meltdown and Spectre vulnerabilities - what you need to know
Published Wed, 31 Jan 2018
Read more
[Advisory] - Global ransomware campaigns - "Petya" and "NotPetya"
Published Wed, 28 Jun 2017
Read more

Contact us