As technology develops, new risks and security issues also develop and policies and procedures must adapt quickly to meet the challenges. A central problem in this ‘arms race’ is communication. It can be hard to find the right information and find it quickly when you need it. University staff and students need to have easy access to clear and relevant security guidance. For security management, creating new information or updating existing procedures can be slow and bureaucratic. The University must be agile in creating and publishing security advice.
The IS Advisories are designed to be subject focused documents, providing clear guidance in supporting the Information Security Policy and Acceptable Use Policy. All IS Advisories are approved by the IS Board and published on the eRecords system.
Advisories supporting the secure use of University IT resources.
- Secure Operations
- Systems Development and Maintenance
- Charter for System and Network Administrators
- Cloud Computing
- Secure Disposal of Redundant IT Equipment
- Handling Illegal Material
- Asset Management
- Patch Management
Advisories governing the identification of account users and protection of account access. This includes the physical access to buildings housing IT equipment.
- Google Apps Admin Account Access
- Data Centre Access
- Generic User Accounts
- Third Party Access Procedures
- Password Security
- Physical Security
- Wireless AMP User Regulations
- Secure Remote Access
- Privileged Access
Advisories specifically aimed at protecting the security of IT infrastructure.
- Bring Your Own Device
- Malicious Software
- USB Memory Sticks
- University Supplied Mobile Devices
- Immediate Response to the Loss of a Data Device
Advisories which support good security practice – particularly in relation to copyright, data sharing and intellectual property.
Advisories which deal with vulnerability scanning, penetration testing.