Office of Chief Information Security Officer

The Cyber Security information and resources collected on this page is intended to provide an introduction to the topic, and help you protect yourself, your friends and family, and the wider University community as a result. We encourage everyone to look through what's here.

If you're looking for additional resources tailored for University staff, come join us in the Security Corner (staff login required).

Focus: Device Security & Travelling

As travel continues to open up, there is a greater need to take steps to keep yourself secure while travelling. ITDS have developed a one-page security guidelines for travelling overseas (PDF, 105.26 KB) (opens in a new window) to provide some advice on keeping your devices and data secure. These twelve tips that turn away technical troubles are valid for University staff & students as well as the general public.

If you'd like to learn more, the Australian Cyber Security Centre (ACSC) also has some general information on protecting devices while travelling (opens in a new window).

Be Smart with your devices: lock your devices; do not leave devices unattended; do not download files from untrusted sources.

(click view full size)

Device Hygiene & Bring Your Own Device

If you’re using your own device to access University services, please make sure you’re practicing good device hygiene, to ensure our data is kept as securely as possible.

When accessing University data or digital services, ensure the device(s) used are secure: install system updates as they’re made available by the device’s manufacturer, and have functioning antiviral software. With these, you are much less vulnerable to viruses and we are all more secure.

Lock your device

Setting a pin, password, fingerprint or facial recognition is often the first and easiest steps in preventing unwanted access to your devices.

Manage Wireless Services

You should be turning Bluetooth and WiFi off when they are not in use as they can provide attackers an avenue to access your devices

Set up remote tracking

In the event you lose a device, or it gets stolen, services like Find my iPhone or Find My Device can allow you to lock or wipe your device remotely

Take care around WiFi hotspots

Free public WiFi Hotspots often provide little in terms of security. Therefore, you should not access sensitive data (like mobile banking) when using them. If you’re creating a hotspot with your phone, make it secured with a strong, unique password

If you need to safely connect a device to the ‘Western WiFi’ Network, instructions can be found in KB0014236 (opens in a window).


Passwords are the keys to your digital kingdom! It is vitally important they are strong and secure.

  • Make different passwords for different accounts
  • Don't share your password with anyone
  • Consider changing your passwords regularly, at least once annually
  • When you have the option to, switch on Multifactor Authentication
  • If you struggle to remember multiple passwords, consider using password management software.

Looking for advice on managing the password to your Western Account? ITDS maintains a Western Sydney University Password Management (opens in a new window) knowledge article.

Not sure how secure your password is? Test it out at 'how secure is my password' (opens in a new window) - a free online password tester (external resource - you will be leaving the University's IT environment).

Focus: Phishing

Be sceptical with emails. Ask yourself: who is sending this; where do links lead; why is it urgent; is it too good to be true?

(click to view full size)

Phishing is a scam to try and steal your identity, your money, or both. Don't get hooked!

Spotting and reporting phishing

Check out our guide to avoid getting caught! (opens in a new window)

Have a look at our short video on recognising phishing emails! (opens in a new window)

Phishing & COVID-19

Scammers have been using the COVID-19 epidemic as bait in phishing scams, not just emails but in text messages and social media. Now, more than ever, maintaining healthy scepticism is vitally important. If you receive a suspicious message, report it to the IT Service Desk.

Here's some updates and advice on COVID-19-themed phishing from official sources:

  • An alert from SCAMWatch (opens in a new window)
  • An alert and some examples of COVID-19 phishing scams from the ACSC (opens in a new window)

For more information on these organisations, see External Resources section below.

Need further assistance?

If you have cyber security concerns, or think you may have been scammed, please contact the IT Service Desk by:

Cyber Security in the IT Knowledge Base

If you want to explore Cyber Security in more depth than outlined above, there are Knowledge Articles that cover several Cyber Security topics. If you're not sure where to start, we've created a Cyber Security Knowledge Base Reference Guide to help!

We particularly encourage students to read through our Student Cyber Security Guide 2020, which is available through the Knowledge Base, article KB0016229 (opens in a new window).

External Resources

The Australian Cyber Security Centre

The Australian Cyber Security Centre (ACSC)(opens in a new window) is operated by the Commonwealth government and provides advice, education and resources on Cyber Security for individuals, businesses, and large organisations alike. It contains content on creating better passwords, protecting yourself from phishing and similar email scams, protecting yourself from identity theft, and more.
The ACSC even has a small number of videos on their YouTube channel (opens in a new window).


SCAMWatch (opens in a new window) is the Australian Competition and Consumer Commission (or ACCC)'s online information and reporting website for scams of all varieties - its scope is wider than only scams committed using the internet. You can also use it to see stats around the amount of scamming happening, the kinds of scams happening, and how to protect yourself.
We would particularly draw your attention to the Little Black Book of Scams (opens in a new window), a document published by the ACCC through their website. The book identifies several common scams, how to recognise them, and how to avoid them.

The eSafety Commissioner

The Australian eSafety Commissioner (opens in a new window) is a Commonwealth government agency created with the goal of improve the safety of Australian citizens online, and provides awareness and education materials on safely navigating online spaces. The eSafety Commissioner's website includes resources developed specifically for educators (opens in a new window), parents (opens in a new window), seniors (opens in a new window), and many more. A highly valuable resource for developing your own online safety habits, or starting conversations with others.


IDCARE (opens in a new window) is Australia and New Zealand's national identity & Cyber support service. IDCARE is a not-for-profit Australian charity organisation that was created to provide support and advice to people who are recovering from ID theft. The website also includes information on how to recognise the signs of identity theft.

Have I Been Pwned?

The 'Have I been Pwned' (opens in a new window) website is a free resources that can be used to check whether your email address has been involved in a data breach. This is especially useful to know whether passwords need to be changed or how likely it is that someone could use your information to impersonate you online.

How Secure is my Password?

'How secure is my password' (opens in a new window) is a free online password tester - see above for more information. it can be very informative to see just how fast common or weak passwords can be compromised.

Terms of Service; Didn't Read

'ToS;DR' (opens in a new window) is an online database comparing and rating the Terms of Service & Privacy Policies for various commonly used online services. Their goal is to raise awareness of users' rights, as well as which services are better at promoting them. This project isn't affiliated with the University, but is an interesting resource if you want to learn more about user rights and terms of service.