91ÊÓƵ

Skip to content

Cyber safety

Cyber safety is everyone’s responsibility. Cyber criminals are always working on new ways to access data so it is important to understand how to protect yourself, your personal information, and UniSQ.

Learn more about the Cyber Security Strategy 2021 - 2025.

GenAI is transforming our approach to learning, creativity and solving problems. At UniSQ, our aim is to equip students and staff with the knowledge and tools to fully leverage this technology positively, while adhering to safe and ethical practices.

UniSQ provides staff with access to Microsoft 365 Copilot, which provides enterprise data protection and requires Single Sign On to access it. Use of any other product effectively renders your chat public and should not be used. Programs like ChatGPT are not supported and is actively blocked due to security concerns. 

 

Your UniSQ password gives you access to your files and systems such as the Student Centre and StudyDesk. To keep yourself and UniSQ safe, ensure you never use your UniSQ password on any other site, account or app, and never share your password with anyone (we will never ask you to disclose your password).

Passphrases are a stronger, easier to remember type of password and are highly recommended as they are harder for hackers to crack. Passphrases use real words, are very long and often contain numbers and symbols to add to the complexity. The best passphrases are those that use a random mix of words, e.g. PineapplePetaPoursPort3timesaday

 
Creating strong passphrases
(MFA) helps protect your data by adding an extra layer of security when logging into UniSQ systems. 

Multi-factor is known also as two factor authentication (2FA) as it requires two separate factors to identify yourself.

  • Something you know (your UniSQ Username and Password)
  • Something you have (code or push notification sent to your mobile, push notification, hardware token etc)

MFA is extremely effective at preventing malicious cyber-attacks as the they do not have the “something you have” factor.

Below are some helpful AskUniSQ articles for students:

For staff please refer to the ServiceHub Knowledge Base article .




Portable storage devices like USBs and hard drives are a convenient way to store and share data, however it is important to be mindful of the following: 

  • What type of information you are storing on the device? Is it research data, confidential documentation or maybe your Thesis? If you need to save sensitive content, consider an alternative storage solution that cannot be easily lost or stolen by an unauthorised party. 

  • Where are you using the device? Plugging storage devices into multiple computers increases the risk of cross contamination. If you have picked up a virus or malware in one machine, you may infect subsequent devices you connect to.

  • How did you obtain the device? Targeted hacking can occur when USBs or portable hard drives are left in places where students can pick them up, thinking they are lost or unwanted. When these devices are plugged in, a virus or malware can be automatically downloaded, creating a gateway to your data as well as the University's network. Avoid looking at the contents of a unfamiliar storage devices and pass these onto the ICT Client Support at your campus.


UniSQ offers all students free, anti-virus software called Sophos as Home. This software constantly monitors your computer and mobile devices for threats such as malware, viruses, trojans, worms, bots, and unwanted apps.

Sophos Home can be installed on up to ten personal devices.

Sophos Home
Find out more

Phishing is when cyber criminals email, text or phone you with the goal of tricking you into sharing sensitive information or data (such as usernames, passwords, credit card details).

In email and text communication, it can involve asking you to click on a link that will download malware or a virus onto your device if opened. Be aware of the following:

  • Anyone asking for your password or asking you to click on a link and enter your password. UniSQ and other reputable organisations (e.g. Banks, Tax Office, Centrelink) will never ask you to disclose your password. If you think the message is legitimate, avoid clicking on the link within the message. Navigate to the website and sign in from there.
  • Spelling mistakes. Emails with spelling errors are a common indicator of a phishing attack. If you are unsure, contact the company directly.
  • Generic greetings. Be careful of messages beginning with a generic greeting like ‘Dear Customer’. Legitimate emails are likely to use your name which the company will have on record. 
  • Email addresses that don’t look right. Any emails sent from UniSQ will end with XXX@unisq.edu.au. Be careful of email addresses that are similar, but not the same e.g. smith@uusq.edu.au etc.

Protect yourself by looking out for suspicious emails, texts and phone calls. If you are ever unsure, check with the ICT Client Support.

For more information our short Don’t Get Phished UniSQ video.   

 




Phishing attacks
A simple way to protect your mobile device is to keep it updated. Android and IOS updates often release new security features or fixes and the sooner you update your device, the sooner your device will be more protected.

New scams and cyber attacks are being created all the time which makes it difficult to know what’s real and what isn’t. The Alert Service is free for Australians and provides easy-to-understand online security information about recent online threats and vulnerabilities within an Australian context. The service also provides solutions to manage risk to devices or computer networks.

Cyber Alert Sevice
When an organisation is hacked, cyber criminals can steal customers information which can then be sold to unauthorised parties. This information can then use it to try and break into online accounts and apps. Checking your passwords and emails is a simple, quick way to check how cyber safe your accounts are right now.
Check your security

Reporting cyber security incidents

If you receive a suspicious email or are concerned about someone requesting information about yourself or the University, it's important to know what action to take.

Any serious cyber concerns, particularly regarding your UniSQ account, sensitive research or university information, should be reported to UniSQ's ICT Cyber Security team at ict.security@unisq.edu.au so that the matter can be investigated further.

Email, phone calls and texts. If you receive a suspicious message, but have not clicked a link or opened an attachment, simply block the sender, and delete the message. If you are concerned your UniSQ account may have been compromised, please contact iconnect as soon as possible.

Online abuse. The has many resources to assist Australians deal with online abuse like cyberbullying (under 18), image-based abuse and illegal and harmful content.

Foreign interference. If you have any concerns regarding foreign interference, please contact the ICT Cyber Security team at ict.security@unisq.edu.au so that the matter can be investigated further.

Responsible use of AI:

It is critical that the information generated through GenAI is confidential and secure. GenAI tools should be used in ways that prioritise the security of personal and commercial data:

  • Consider the principles of fairness, privacy, reliability and transparency when using GenAI. We support
  • Do not include your own, or others’ private or personal information in prompts, such as email addresses, phone numbers or staff or student IDs
  • Evaluate GenAI tools for bias to ensure it does not perpetuate harm
  • Embrace collaboration and combine AI capability with your own knowledge to achieve the best results
  • Be aware of GenAI’s limitations:
    • GenAI tools can generate false information. Always evaluate this content using your own judgement and further research
    • Consider the possibility of intellectual property rights infringement
    • Review any links or sources that have been generated for accuracy.

Student use:

In addition to responsible use guidelines, it is important that students consider the following before using GenAI:

  • Always refer to your Course Coordinator’s instructions when using GenAI in your course or assessment. If you are unsure, do not be afraid to ask.
  • Maintain your academic integrity

Artificial Intelligence Principles:

  1. UniSQ is committed to ensuring that AI systems respect human rights, diversity, and individual autonomy. We strive to enhance human capabilities and well-being through responsible AI integration.
  2. UniSQ aims to design AI systems that are inclusive and accessible, avoiding discrimination and ensuring equitable treatment for all. We are dedicated to fostering an environment where everyone benefits from AI advancements.
  3. UniSQ prioritises the protection of privacy rights and the implementation of robust data protection measures. We are dedicated to safeguarding personal information and maintaining the security of all data handled by our AI systems.
  4. UniSQ is committed to clear and responsible disclosure about AI system operations. We ensure that stakeholders can understand and challenge AI decisions, and we hold those responsible for AI systems accountable for their outcomes.
  5. UniSQ strives to ensure that AI systems operate reliably and safely, adhering to their intended purposes.

Resources

The Australian Government eSafety Commissioner website offers an extensive collection of educational resources and support information regarding online safety. 

Test your knowledge

How well can you identify a phishing email? Test your skills. 

Need help?

Phone: 

+61 7 4631 1900
8.00am - 5.00pm (AEST)
Monday to Friday
Staff
Students
 iconnect