Information Security @ SCU
Information Security refers to the technologies, process and people involved in establishing and maintaining controls to protect IT computer systems from security threats. Security related threats include viruses and other malicious code, hacking, identity and data theft, spam, denial of service attacks and web defacement.
- Risk assessment and management of IT related security threats;
- Anti-virus and anti-spam protection;
- Firewalling and network security;
- Web-based security testing;
- Advice and recommendations on security threats and mitigation;
- SCU Information Technology Security Policy.
The definition of a security breach or incident includes the following:
- Unauthorised access attempts (hacking);
- Unauthorised network and port scanning;
- Denial of Service (DOS) attacks;
- Website defacement;
- Theft, misuse or critical loss of IT resources including equipment, system information or login identities/passwords;
- Work practices that do not comply with security policy or accepted codes of practice;
- Unmanaged viruses, worms or malicious code;
- Other related suspicious activity, event or situation.
How to report a security issue
All security queries go to the TS Service Desk.
The information needed to report a security breach includes:
- General nature of the security incident;
- Systems involved in the incident;
- Impact or potential/impact of the incident;
- When the security incident occurred;
- Details of person/s involved in the incident;
- How the security incident occurred;
- Possible preventative measures for control.