Protect your data

Prior to the adoption of any new third-party service a risk assessment is required to be undertaken by the ISTS Cyber Security team. This ensures that the business owner of the service acknowledges the risks involved in storing University data in an external system.

Cyber Security risk assessments are mainly driven by the University's Risk Management Framework and Information Security Policy to ensure that organisational and legistative obligations are adhered to. 

Click on the links below for further information.

• Types of Cyber Risk Assessments
• Steps to lodge a Cyber Risk Assessment

With an increasing amount of sensitive data being stored on personal devices, the value and mobility of smartphones, tablets, and laptops make them appealing and easy targets. These simple tips will help you be prepared in case your mobile device is stolen or misplaced.

• Encrypt sensitive information. Add a layer of protection to your files by using the built-in encryption tools included on your computer's operating system (e.g., BitLocker or FileVault).
• Secure those devices and backup data. Make sure that you can remotely lock or wipe each mobile device. That also means backing up data on each device in case you need to use the remote wipe function. Backups are advantageous on multiple levels. Not only will you be able to restore the information, but you'll be able to identify and report exactly what information is at risk. 
• Never leave your devices unattended in a public place or office. If you must leave your device in your car, place it in the boot, out of sight, before you get to your destination, and be aware that the summer heat of a parked car could damage your device.
• Password-protect your devices. Give yourself more time to protect your data and remotely wipe your device if it is lost or stolen by enabling passwords, PINs, fingerprint scans, or other forms of authentication. Do not choose options that allow your computer to remember your passwords.
• Be smart about recycling or disposing of old computers and mobile devices. Properly destroy your computer's hard drive. Use the factory reset option on your mobile devices and erase or remove SIM and SD cards.
• Verify app permissions. Don't forget to review an app’s specifications and privacy permissions before installing it!
• Be cautious of public Wi-Fi hot spots. Avoid financial or other sensitive transactions while connected to public Wi-Fi hot spots.
• Keep software up to date. If the vendor releases updates for the software operating your device, install them as soon as possible. Installing them will prevent attackers from being able to take advantage of known problems or vulnerabilities.

It's important to understand where your data is stored and what requirements you need to follow for different data classifications to comply with UniSA policies and government legislation. Staff and researchers should be particularly aware of their responsibility when storing confidential information and/or research data.

The University provides a range of data storage solutions for meeting different storage requirements and can help ensure you are choosing an appropriate solution for your data.

Staff, students, and other individuals with access to UniSA information should understand UniSA's information security policies and guidelines and the importance of having good work practices that follow them. This helps reduce the possibility and effects of potential data breaches.

In addition to keeping soft copies of the University's data secure, staff and students should be aware of hard copies. Hard copies containing Confidential or Restricted information should be kept to a minimum and stored securely when not in immediate use. They should be shredded or placed in confidential bins once no longer needed.