Information technology security at Deakin

Deakin takes the security of its data, IT facilities and IT infrastructure very seriously. All users of these facilities are obliged to abide by the IT Use Policy and Procedure, the IT Security Policy and other IT related policies published in The Guide.

Access to information resources and the IT environment is a privilege and must be treated as such by all users of the University's IT resources. Access to University information and the sharing and security of that information requires that each user accepts responsibility to protect the rights of the University and the University community.

Minimum security standards

eSolutions sets minimum standards for all Deakin's Information and Communication Technology (ICT) facilities, services and materials.

These standards are based on industry best practice benchmarks and the University's IT Security Policy.

The objectives of the standards are to protect the confidentiality, integrity, and availability of the system and its information by:

• facilitating a consistent, comparable and repeatable approach for selecting and specifying security controls for information systems
• supporting a defence in depth security structure along with a least privilege approach and a need to know basis for all information access
• providing a catalogue of security controls to meet the University's current and future protection needs based on changing requirements and technologies
• creating a foundation for the development of assessment methods and procedures for determining security control effectiveness

IT Security standards, guidelines and checklists are only accessible to University staff.

To request an exception from compliance with the minimum standards, contact the IT Service Desk or email it-security@deakin.edu.au.

Business or system owners may develop stricter standards for themselves.