Systems up or down


Protect your University

Banner Protect Your Univeresity

Security is everyone’s responsibility.  Know about your role in protecting the University's data and facilities by learning about our policies and guidelines.

  • Understand UniSA's IT Policies
  • Learn about the other cyber security tools and resources available to you

For information on each of these, check out the following sections.

Email security

Email security is an important part of reducing the amount of spam, phishing, and other unsolicited emails you receive. At UniSA we use a modern email security service which sits between your mailbox and the outside world, providing an extra layer of security to allow you to open your email with more confidence.

The key features our email security service provides are:

  • A Secure Email Gateway: scanning all inbound and outbound emails for malicious emails and stopping them from ever coming into your inbox
  • URL Protection: scanning all incoming links to protect you from malicious sites
  • Attachment Protection: scanning all incoming attachments for malicious content
  • Impersonation Protection: blocking or marking emails that appear to be impersonating someone from inside the University

Our tools also provide users with controls for dealing with spam, releasing held messages, and selectively allowing emails to get to you.

Learn more about it in either our Staff Email Security or Student Email Security pages.


The IT Help Desk is your single point of contact for assistance with IT Cyber Security questions or concerns at UniSA. Our friendly IT Help Desk staff will assist you and if necessary refer your request to the appropriate expert.

Contact them via phone at extension x25000 or (08) 8302-5000 or email at Visit their website IT Help Desk  for more information about what they can help you with your IT issues.

Information Security

In 2018, a federal Security of Critical Infrastructure bill was passed into legislation bringing into effect a range of obligations to a number of sectors deemed as “critical infrastructure”.  In late 2021 and early 2022 amendments were made to this act, which now means that universities are included and deemed as “critical infrastructure”.  As such, staff must be aware that it pertains to education assets used for research within the following sectors:

  • Communications
  • Water and sewerage
  • Food and grocery
  • Defence
  • Data storage or processing
  • Energy
  • Transport
  • Education and research
  • Financial services and markets
  • Healthcare and medical
  • Space technology

The scope of the act pertains to “critical education assets”.  These assets are best explained as data assets, digital storage systems and processing (software) systems.  There are 2 main obligations under the legislation that we must comply with, namely:

  1. We are to report cyber security incidents to the Australian Cyber Security Centre based on the severity / impact of the incident, namely:
    1. Issues that have a significant impact on the availability of the asset within 12 hours of becoming aware, or
    2. Issues that have a relevant impact on the asset without material disruption within 72 hours of becoming aware
  2. We are to notify data storage and processing service(s) / suppliers, as is practicable to do so, of their obligations to notify and to make the University aware if they themselves become aware of a security incident.

In line with obligation number 1, staff are asked to report any cyber security incident to the IT Help Desk (the helpdesk is available to receive calls 24 hours a day).  The IT Help Desk will escalate the call appropriately depending on the determined severity and impact.  If you are working on joint research initiatives with external body’s, or other research institutions or individuals, and you become aware of an incident (which may only affect the external body, institute or individual) it is still asked that you raise a call with the IT Help Desk, irrespective of the perceived impact or severity of the incident.

In relation to obligation number 2, ISTS will pragmatically contact suppliers where there is university wide adoption of cloud data storage (e.g. Microsoft for the use of OneDrive / Sharepoint) and / or cloud processing service(s) (e.g. Qualtrics).  Storage and processing (software) solutions on campus don’t require this action (e.g. data assets stored on your S or R drives).  If you utilise other cloud based storage (e.g. dropbox) or cloud processing service(s) (i.e. that is specific to your research) then you’ll need to report to the IT Helpdesk if you become aware of an incident or issue.

'Policies' written on a post-it

Information can be found on the ISTS IT Policies and Guidelines page.