ITS Information Security Centre
Short URL: infosec.massey.ac.nz
Welcome to the ITS Information Security Centre. This page contains security related information that is important to all Massey staff and students
Policies
All Massey University staff and students who use Massey's information systems must adhere to Massey’s policies.
A list of Massey policies can be found at Massey University Policy Guide
Information Security Manual
This document provides a quick reference guide to staff for information security tips, procedures and policies, to improve awareness for managing and protecting information security across the University.
Spam, Phishing and SPIT
Targeted spam email is known as 'phishing'. See Spam and Phishing for more information.
Unwanted calls over video conferencing are known as SPAM over IP Telephony, or SPIT for short. See SPIT for more information.
Software updates
Software updates are an important step in protecting your computer from attack or misuse. See Software updates for more information
Viruses and Malware
A computer virus is a computer program that replicates itself and can spread from one computer to another computer. Malware is a term which is short for 'malicious software'. See Viruses and malware for more information.
Web and application filtering
Massey University monitors and in some cases filters internet use to mitigate risk relating to inappropriate use and security threats. Details on these filtering controls can be viewed inside.
Internet Usage and Copyright Law
Internet logs are reviewed at Massey on a daily basis. Any illegal downloading will result in disciplinary action. It is important that your understand the copyright law and Massey's Internet Usage Policies.
Information security is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. At Massey, the discipline of information security is lead by the University’s Risk Management Framework. Through this, Massey assesses risks relating to the University’s information systems people, processes and technology. Controls to mitigate risk to acceptable levels are implemented based on these risk assessments.
Low level risks are assessed within the Information Security Office, senior ITS Management and members of the relevant areas of the University. Medium level risks are assessed within senior ITS Management, and more senior members of the relevant areas of the University. Higher level risks are assessed by senior ITS Management, more senior members of the relevant areas of the University, and University Senior Leadership.
Security project
Note: ITS is migrating current firewall systems from Check Point to Fortinet over the course of 2015.
More
Find My iPad
Learn how to set up Find My iPad so you can track yours down if it goes missing, or remotely wipe it if it's lost or stolen.
Always Be Careful
The ABC's of security. Some quick tips and hints to help you stay secure.
The Information Security Manual has more in-depth information.
Mobile and Cloud App testing
Mobile computing devices have two main needs to function at Massey. The first of these is a wireless network connection and the second is an Internet connection. The latter of these is predominantly based on connectivity to and use of mobile/cloud apps.
Information Security Incident Response Plan
Massey University’s Information Security Incident Response Plan documents the standard response to information security incidents.
Passwords
All passwords must adhere to Massey's Password Policy standards:
- Passwords are required to be a minimum length (at least seven characters)
- Passwords must be changed at least every six months
- Passwords must have a certain amount of complexity
To change your password or to learn more about Password Requirements please visit Change Network Password
To ensure that you are abiding to Massey’s password policy requirements — please read the Usercode and Password Policy
A final note: You are responsible for your own password security. Never share your usercode and password details with someone else. You will be held responsible for activities associated with your usercode, whether you undertake these activities or someone else does. If you come across any strange activity that appears to relate to your usercode and password or would like to report a security breach — please advise the ITS Service Desk.
Internet Usage and Copyright Law
In April 2011 the New Zealand Government passed the Copyright (Infringing File Sharing) Amendment Act 2011. This act amends the Copyright Act 1994 to provide owners (Rights holders) of copyrighted works such as movies, TV shows and music with a quicker and easier way to penalise people infringing their copyright from illegal downloading using file sharing applications such as Peer To Peer. Internet logs are reviewed at Massey on a daily basis. Any illegal downloading will result in disciplinary action. It is important that your understand the copyright law and Massey's Internet Usage Policies. To learn more visit the links below:
Spam, Phishing and SPIT
Targeted spam email is known as 'phishing', where the sender tries to "trick" you into giving out personal details, such as bank account details, usernames and passwords etc. These emails can be very difficult to distinguish from legitimate emails.
Unwanted calls over video conferencing are known as SPAM over IP Telephony, or SPIT for short.
More information on Spam, Phishing and SPIT can be found via the links below:
Note: Massey will never ask you to supply your username / usercode and password via email. If you need to change your password — it can be done via the Change Network Password page: https://issmgmt.massey.ac.nz/passwordreset/change_mypasswd.cgi
If you have forgotten your password you should Contact ITS to get a new, temporary password allocated - you will need to be able to identify yourself.
Viruses and Malware
A computer virus is a computer program that replicates itself and can spread from one computer to another computer. Malware is a term which is short for 'malicious software'. It is a piece of software that helps hackers disrupt computer service, gather sensitive information or to gain unauthorized access to a computer system which may harm a computer system's data or performance
To learn more about Viruses and how to protect yourself visit the Virus FAQ.
Software updates
Want to know more about software updates? — take a look inside.
Software updates are an important step in protecting your computer from attack or misuse, by checking regularly for software updates and patches not only will you eliminate security vulnerabilities, but also will fix any bugs in the code and update product enhancements. Software updates include those provided for the Operating System (OS) of your computer but should also include other application software that run on your computer.
Application software
Application Software
Application software updates are just as important as the OS updates, you need to consider all the other software applications that run on your computer that needs updating or patching, examples of application software that needs updating regularly is Java, Adobe and Internet Browser software.For more detailed information on how to install Application Software updates — visit Application Software Updates
Windows Update
Microsoft Updates
Microsoft Critical and Security Updates are currently released automatically to Massey computer systems on a monthly basis;
For more detailed information on how to install Microsoft updates — visit Microsoft Updates
Apple Software Update (Mac OS X)
Apple Software Update (Mac OS X)
Macintosh updates are not currently being pushed out to Massey Computer systems automatically so it is highly recommended that you check for new updates on a regular basis.
* If your department have their own IT support, please check with them before you apply any software updates
To check for new updates:
- Click the Apple menu and choose Software Update
- The updates icon will be shown in the Dock
For more information on how to install Macintosh Software Updates and to set up automatic software updates, please see http://support.apple.com/kb/HT1338
Contact the Service Desk
Phone 06-356-9099 ext. 82111 (preferred method)
7:45am - 5pm, Monday to Friday
(excluding Public and University holidays)
Out-of-hours Support
AskUs Self-Service to log a request online (staff)
Other ITS Information
IT Services Dashboard (staff)