Curtin IT Services

About CITS Service Availability Information Security Internet Management For Students For Staff For IT Support Staff Policies

• Information Security

• Latest News
• Sitemap
• Contact CITS:
• Faculty & VCIT Contacts

Information Security and Internet Management

• Introduction
• What is Information Security?
• Why do we need Information Security?
• What are the benefits?
• How do I report an Information Security incident?
• What happens when policy is breached?
• Contacts
  

Introduction

Curtin acknowledges an obligation to ensure appropriate security for all Information and Communication Technology (ICT) facilities, services, data and processes within its domain of ownership and control.

While this obligation and responsibility MUST be shared by ALL members of the Curtin community, Curtin IT Services (CITS) has responsibility for ensuring that the integrity of Curtin's key ICT facilities, services and data are maintained through effective ICT management practices and the facilitation of information security initiatives to the overall benefit of Curtin students and staff.

[back to top]

What is Information Security?

Information Security includes techniques, policies and strategies used to ensure that data stored in an organisation's computers cannot be accessed or processed without the consent of the organisation.

Risks that threaten an organisation where effective Information Security measures are not in place fall under the following broad headings:

• Appropriate use
  Security measures should ensure ICT resources are used for the purposes for which they were intended, and in a responsible manner that does not interfere with the rights of others.
  
• Confidentiality and privacy of information
  Information Security measures should ensure the confidentiality and privacy of personal or corporate information. They should address the issue of copyright.
  
• Integrity of Data
  Security measures should be designed to ensure the accuracy and integrity of data and provide the organisation with the capability to recover and maintain data under all circumstances.
  
• Protection of Facilities and Services
  Information security measures cover, but are not limited to, the following facilities and services:
  • Computing and Peripheral Equipment
  • Network Equipment
  • Computing and Network site facilities
  • System and Application Computer Programs
    
  • Information services e.g. Internet
  • Desktop equipment e.g. PCs, laptops
    
• ICT System Availability
  Security measures should be designed to ensure appropriate levels of availability and functionality of corporate systems (e.g. OASIS, Finance 1, Student 1 and Alesco).
  

[back to top]

Why do we need Information Security?

• Curtin's business operations depend on the efficient functioning of its ICT systems and the integrity and accuracy of the information they deliver. Systems such as Student 1, Finance 1, Alesco and the Library systems and others are of paramount importance to the mission of Curtin. The hardware, software, data and information components that underlie Curtin's ICT facilities and services represent a large financial commitment that must be protected.
• The use of Curtin ICT facilities and services in ways and for purposes other than those for which they were intended represents a misuse of valuable Curtin resources. It also represents a danger to Curtin's reputation.
• Confidentiality and Privacy of information is mandated by common law.

[back to top]

What are the benefits?

Good Information Security strategies:

• give confidence in the availability and integrity of Curtin information and the systems that deliver it;
• contribute to the effective use of Curtin resources and to achieving Curtin's objectives.

[back to top]

How do I report an Information Security incident?

Members of the Curtin community are encouraged to report information security problems, experiences, observations, concerns, suggestions and queries through the following channels:

• For electronic information and/or information systems security problems, contact your local ICT support and Information Services;
• If you have questions, suggestions or general information requirements relating to Information Security - e-mail info-security@curtin.edu.au

Curtin's present ICT support structure and processes provide this framework for the management of all ICT problems. A more specific information security incident reporting and management process is now available through your local ICT support area.

[back to top]

What happens when policy is breached?

Failure to abide by these terms and conditions will be dealt with under the University ICT Breach Policy.

[back to top]

Whose job is Information Security?

Everyone's Individual members of the Curtin Community, both staff and students, are responsible for the appropriate use of desktop facilities and services available to them.

Each user of Curtin ICT resources is subject to the University ICT Access Policy and is responsible for the proper care and use of ICT resources under their direct control.

See our Policies section for more information.

[back to top]

Contacts

• If you have Information Security related concerns or problems, please contact the ICT support staff for your Faculty.
• For general information about Information Security activities and policy, contact the Information Security Manager - CITS at info-security@curtin.edu.au

[back to top]

Curtin University of Technology
To report errors on this website please contact: Curtin IT Services
Copyright and Disclaimer
Content Last Modified: April 16, 2008
Curtin University of Technology, Perth CRICOS Provider Code 00301J
The Sydney Campus of Curtin University of Technology CRICOS Provider Code 02637B

Curtin Search Curtin Site Index Staff Directory