ISY3006: Information Security Report - Macquarie University
VerifiedAdded on 2022/08/21
|9
|2498
|19
Report
AI Summary
This report provides a comprehensive analysis of information security at Macquarie University, fulfilling the requirements of the ISY3006 assessment. It begins with an executive summary and an introduction to the university, emphasizing its structure and stakeholders. The core of the report focuses on documenting a security policy, including aspects like security awareness, access controls, equipment security, information asset protection, and user training. The report then identifies and assesses potential threats and vulnerabilities, such as data breaches, theft of personal belongings, network hacking, and social engineering attacks. Finally, the report proposes mitigation strategies, including securing systems with malware detection and firewalls, cloud data storage, CCTV installation, and staff training. The report concludes by summarizing the key findings and recommendations for enhancing the overall security posture of Macquarie University, providing a framework for safeguarding its data and assets.
Running head: INFORMATION SECURITY
INFORMATION SECURITY
Name of the Student
Name of the University
Author Note
INFORMATION SECURITY
Name of the Student
Name of the University
Author Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1INFORMATION SECURITY
Executive Summary
Macquarie University is one of the finest Universities in Australia and is situated in Sydney.
The task is to document and implement a security policy for the University. Implementing
security policies should be very important for the University and the University should
enforce it to its staffs and students. In spite of the security policies and measures, the
University will have threats and vulnerabilities. The report describes about the threats and the
vulnerabilities of the University. The threats and the Vulnerabilities must be immediately
mitigated, otherwise data breach and other security issues can occur. The report focuses on
the mitigation of threats and vulnerabilities that occur in the university.
Executive Summary
Macquarie University is one of the finest Universities in Australia and is situated in Sydney.
The task is to document and implement a security policy for the University. Implementing
security policies should be very important for the University and the University should
enforce it to its staffs and students. In spite of the security policies and measures, the
University will have threats and vulnerabilities. The report describes about the threats and the
vulnerabilities of the University. The threats and the Vulnerabilities must be immediately
mitigated, otherwise data breach and other security issues can occur. The report focuses on
the mitigation of threats and vulnerabilities that occur in the university.
2INFORMATION SECURITY
Table of Contents
Introduction................................................................................................................................3
Discussions.................................................................................................................................3
About the Organization..........................................................................................................3
Security Policy.......................................................................................................................4
Threats and Vulnerabilities....................................................................................................6
Mitigations of Threats............................................................................................................6
Conclusion..................................................................................................................................6
References..................................................................................................................................7
Table of Contents
Introduction................................................................................................................................3
Discussions.................................................................................................................................3
About the Organization..........................................................................................................3
Security Policy.......................................................................................................................4
Threats and Vulnerabilities....................................................................................................6
Mitigations of Threats............................................................................................................6
Conclusion..................................................................................................................................6
References..................................................................................................................................7
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3INFORMATION SECURITY
Introduction
The organization that is taken in order to document the security policy is Macquarie
University. Macquarie University is a University of research of public that is based in
Sydney, Australia, in the town of Macquarie Park. It is founded in the year 1964 by the
government of New South Wales and it was the third University that is founded in the
Metropolitan area of Sydney.
The University was founded as a Verdant University, Macquarie has total of five
faculties, as well as Macquarie University Hospital and the Macquarie graduate School of
Management that are located in the main campus of the University in the town area of
Sydney. The Macquarie University is the first University in Australia to fully line up its
system of degree with the Accord of Bologna.
The main aim of the report is to develop a security for the university based on the
nature of the organization and stakeholders of the organization. The report focuses on the
threats and the vulnerabilities of the organization and the mitigation of the threats and the
vulnerabilities of the organization.
Discussions
About the Organization
The organization that is chosen in order to develop the security policy and assess the
threats and vulnerabilities of the organization is Macquarie University. The type of
organization that is chosen is University in order to assess the threats and the vulnerabilities
and to mitigate the threats (Mollá 2018). The University is ranked between top 2 percentages
of Universities in the world. This University is considered as one of the best University of
Australia that produces graduates among the most wanted professionals globally. It has very
strong tradition of exploration and innovation and the University continue to break new
ground with researches that is ranked top one percent globally. The University is located in
the heart of Australia and it brings around 40,000 students in one centre of discovery. The
University has invested around AU $ 1 billion in the infrastructures and facilities so that the
students of the University can flourish in environments of learning that are moving and the
University has switched on to the digital technologies those are latest (Chik, Benson and
Moloney 2018). The University is renowned for the expertise it has in several fields like
Introduction
The organization that is taken in order to document the security policy is Macquarie
University. Macquarie University is a University of research of public that is based in
Sydney, Australia, in the town of Macquarie Park. It is founded in the year 1964 by the
government of New South Wales and it was the third University that is founded in the
Metropolitan area of Sydney.
The University was founded as a Verdant University, Macquarie has total of five
faculties, as well as Macquarie University Hospital and the Macquarie graduate School of
Management that are located in the main campus of the University in the town area of
Sydney. The Macquarie University is the first University in Australia to fully line up its
system of degree with the Accord of Bologna.
The main aim of the report is to develop a security for the university based on the
nature of the organization and stakeholders of the organization. The report focuses on the
threats and the vulnerabilities of the organization and the mitigation of the threats and the
vulnerabilities of the organization.
Discussions
About the Organization
The organization that is chosen in order to develop the security policy and assess the
threats and vulnerabilities of the organization is Macquarie University. The type of
organization that is chosen is University in order to assess the threats and the vulnerabilities
and to mitigate the threats (Mollá 2018). The University is ranked between top 2 percentages
of Universities in the world. This University is considered as one of the best University of
Australia that produces graduates among the most wanted professionals globally. It has very
strong tradition of exploration and innovation and the University continue to break new
ground with researches that is ranked top one percent globally. The University is located in
the heart of Australia and it brings around 40,000 students in one centre of discovery. The
University has invested around AU $ 1 billion in the infrastructures and facilities so that the
students of the University can flourish in environments of learning that are moving and the
University has switched on to the digital technologies those are latest (Chik, Benson and
Moloney 2018). The University is renowned for the expertise it has in several fields like
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4INFORMATION SECURITY
health, business, and medical sciences. The Macquarie University provide a very wide range
of programmes that includes postgraduate, undergraduate and higher degrees. The University
also provide scholarships to the students.
The stakeholders of the Macquarie University include the Vice-chancellor of the
university, Academic and non-academic staffs, the Vice president of the Academic Senate
and a student representative. The Chancellor of the University governs the council. The
present Vice-Chancellor of the University is Bruce Dowton and he took over the post in the
September 2012 (Simpson et al 2019).
Security Policy
Every University has a security policy that can consist of information security and
other security associated with the University (Raunio, and Wagner 2017). The University
must formulate the security policy in order to make sure that the University is safe. The
security policy of the University is as follows:
Security Awareness
All the activities those are suspicious should be reported immediately.
The belongings those are personal should be locked and the personal property not be
left unattended.
The laptops and the other equipments should be locked
All the crime incidents on the premise of University must be reported to the team of
security (McCormac et al 2017)
The officers of security will make patrols of the building in order to aid in the
identification of the risks of security.
Access controls
Access control cards: the doors those are controlled by cards are an effective technique
of preventing the access those is unauthorized. The access cards should be regarded for
the purposes of security and can be used same as the key.
The visitors and the contractors will be given a visitors pass when the will enter the
university premises. The member of staff is responsible for the visitor should make sure
that they collect the pass when they leave the campus (Porwal and Mittal 2017).
health, business, and medical sciences. The Macquarie University provide a very wide range
of programmes that includes postgraduate, undergraduate and higher degrees. The University
also provide scholarships to the students.
The stakeholders of the Macquarie University include the Vice-chancellor of the
university, Academic and non-academic staffs, the Vice president of the Academic Senate
and a student representative. The Chancellor of the University governs the council. The
present Vice-Chancellor of the University is Bruce Dowton and he took over the post in the
September 2012 (Simpson et al 2019).
Security Policy
Every University has a security policy that can consist of information security and
other security associated with the University (Raunio, and Wagner 2017). The University
must formulate the security policy in order to make sure that the University is safe. The
security policy of the University is as follows:
Security Awareness
All the activities those are suspicious should be reported immediately.
The belongings those are personal should be locked and the personal property not be
left unattended.
The laptops and the other equipments should be locked
All the crime incidents on the premise of University must be reported to the team of
security (McCormac et al 2017)
The officers of security will make patrols of the building in order to aid in the
identification of the risks of security.
Access controls
Access control cards: the doors those are controlled by cards are an effective technique
of preventing the access those is unauthorized. The access cards should be regarded for
the purposes of security and can be used same as the key.
The visitors and the contractors will be given a visitors pass when the will enter the
university premises. The member of staff is responsible for the visitor should make sure
that they collect the pass when they leave the campus (Porwal and Mittal 2017).
5INFORMATION SECURITY
All the students and the staffs are needed to show their university card to the staff of
security. Failure to do this will result in an immediate request to leave the premises of
university if the identity of the university is not known
Security of Equipment
All the portable equipments such as laptops must be locked in cabinets especially at night
All the equipments those are valuable should be properly marked utilising proper
technique of identification.
The thefts of equipment those are suspected should be reported to the teams of security
and head of the department.
The heads of the department are accountable in order to maintain the inventories for all
the equipment of plant and the furniture in the departments (Kun 2017).
Installation of alarms ad CCTV on the property of University will be undertaken only
after consulting with the head of security who will advise on security response, installers
and equipments. Where the CCTV is installed, the requirements of the Act of Data
Protection must be held to.
The data of the persons is safeguarded under of Act of Data Protection. The Act creates
rights and responsibilities in relation to the features of handling the personal data. The
staffs of the University will want to handle the data those are personal in an ethical way
and this Act will offer a framework in order to reach this goal.
Protection of Information Assets
Maintaining the computer security and the associated equipments is important for the
organization. The Computers are the main target for threat, they are very easy to dispose, and
they have high value. The theft of computer may sometimes lead to the delays in the
procedures of the University, the loss of essential data and the disruption of teaching and
learning (Evans 2016). Worms and Viruses harm the data and software, it results in loss of
time, and it has the ability to close the whole University.
Harm of this kind in not predictable and by being aware of the simple measures of security
and scrutinizing them, the probability of loss and harm can be reduced. Information on the
way to safeguard data and the equipments in which the data are processed in available on the
website of CIC.
Training and Awareness
All the students and the staffs are needed to show their university card to the staff of
security. Failure to do this will result in an immediate request to leave the premises of
university if the identity of the university is not known
Security of Equipment
All the portable equipments such as laptops must be locked in cabinets especially at night
All the equipments those are valuable should be properly marked utilising proper
technique of identification.
The thefts of equipment those are suspected should be reported to the teams of security
and head of the department.
The heads of the department are accountable in order to maintain the inventories for all
the equipment of plant and the furniture in the departments (Kun 2017).
Installation of alarms ad CCTV on the property of University will be undertaken only
after consulting with the head of security who will advise on security response, installers
and equipments. Where the CCTV is installed, the requirements of the Act of Data
Protection must be held to.
The data of the persons is safeguarded under of Act of Data Protection. The Act creates
rights and responsibilities in relation to the features of handling the personal data. The
staffs of the University will want to handle the data those are personal in an ethical way
and this Act will offer a framework in order to reach this goal.
Protection of Information Assets
Maintaining the computer security and the associated equipments is important for the
organization. The Computers are the main target for threat, they are very easy to dispose, and
they have high value. The theft of computer may sometimes lead to the delays in the
procedures of the University, the loss of essential data and the disruption of teaching and
learning (Evans 2016). Worms and Viruses harm the data and software, it results in loss of
time, and it has the ability to close the whole University.
Harm of this kind in not predictable and by being aware of the simple measures of security
and scrutinizing them, the probability of loss and harm can be reduced. Information on the
way to safeguard data and the equipments in which the data are processed in available on the
website of CIC.
Training and Awareness
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6INFORMATION SECURITY
The Macquarie University is committed in order to promote and support the
awareness of staff of their responsibilities of security of information in order to make sure
that the members of the university can recognise the risk and then apply proper protection to
the information they handle as an element of their responsibility (He and Zhang 2019).
The training of the Users will be proper to their responsibilities and recognised requirements
of business that are the staff and the researchers those are postgraduate with privilege areas of
business that daily handle the information those are at high risk and it may require particular
materials of training
Threats and Vulnerabilities
In spite of great securities and security policies that are formulated by the University
there will still be threats and vulnerabilities in the University. The first and foremost threat of
the University is the data breach that can be carried out by an attacker. The University has
important data and information of the students, their credit card details and bank account and
the bank details of the staffs of the University. These important details can be hacked from
the database of the University (Joshi and Singh 2016). The personal belongings can get stolen
from the premises of the university and the personal equipments like the laptop can also get
stolen. The network on which the computers of the University works can get hacked and
important data can get lost from the system of the University and it will be great loss for the
university. The security issues of the University include phishing and attacks of social
engineering, limited assets of the University, malware of the system and protection of the
personal information. These must be kept secured from the hackers as they can utilise the
personal information or the details of bank in order to get money (Singh, Joshi and Gaud
2016). The most important issue of the University will be awareness and training of the end
users.
Mitigations of Threats and Vulnerabilities
The threats and the vulnerabilities that arise in the University must be mitigated so
that the University is not in any trouble. The first thing that the Macquarie University should
do is to secure the systems that are used by the University. The systems should have proper
malware detection applications and firewall should be installed should be installed in each
computers so that the hackers cannot enter the system through the network. The University
can also store its data in the cloud and then no one can get the important information of the
student and the staffs. The university should install CCTV camers so that the personal
The Macquarie University is committed in order to promote and support the
awareness of staff of their responsibilities of security of information in order to make sure
that the members of the university can recognise the risk and then apply proper protection to
the information they handle as an element of their responsibility (He and Zhang 2019).
The training of the Users will be proper to their responsibilities and recognised requirements
of business that are the staff and the researchers those are postgraduate with privilege areas of
business that daily handle the information those are at high risk and it may require particular
materials of training
Threats and Vulnerabilities
In spite of great securities and security policies that are formulated by the University
there will still be threats and vulnerabilities in the University. The first and foremost threat of
the University is the data breach that can be carried out by an attacker. The University has
important data and information of the students, their credit card details and bank account and
the bank details of the staffs of the University. These important details can be hacked from
the database of the University (Joshi and Singh 2016). The personal belongings can get stolen
from the premises of the university and the personal equipments like the laptop can also get
stolen. The network on which the computers of the University works can get hacked and
important data can get lost from the system of the University and it will be great loss for the
university. The security issues of the University include phishing and attacks of social
engineering, limited assets of the University, malware of the system and protection of the
personal information. These must be kept secured from the hackers as they can utilise the
personal information or the details of bank in order to get money (Singh, Joshi and Gaud
2016). The most important issue of the University will be awareness and training of the end
users.
Mitigations of Threats and Vulnerabilities
The threats and the vulnerabilities that arise in the University must be mitigated so
that the University is not in any trouble. The first thing that the Macquarie University should
do is to secure the systems that are used by the University. The systems should have proper
malware detection applications and firewall should be installed should be installed in each
computers so that the hackers cannot enter the system through the network. The University
can also store its data in the cloud and then no one can get the important information of the
student and the staffs. The university should install CCTV camers so that the personal
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7INFORMATION SECURITY
equipments and the IT equipments are not stolen (Joshi and Singh 2017). If it is stolen, then
the university staffs can monitor the cameras and can get the person. The most important
thing that the University should do is to provide training to the staffs so that they know and
defend during the time of data breach. They should be provided proper training regarding the
security of the system those are used in the university so that no such situation occurs. If it
takes place then they can stop the data breach or the situation that arise.
Conclusion
The report concludes with the security of the Macquarie University. The stakeholders of the
university are described in the report and according to the stakeholders and the University,
the security policies and threats and the vulnerabilities and the mitigation of the threats are
described. The security polices consists of the policies that should be formulated by the
University so that the University is safe from the security breach and other security of the
students and the personal assets and equipments. The security policy must be adopted and
should be enforced by the University to all the staffs and the students. The report also
discusses about the threats and the vulnerabilities that are harmful for the company. The
threat consists of the malware threats and the data breach, stealing of the IT equipments and
the other personal equipments. Another threat is the training of the end users so that they
know about the data breach and security of the system. The mitigation should be installation
of firewalls in each of the computers so that data breach does not occur, installation of the
CCTV camers and the University should train the users so that know about the security of the
system and the data breach in the systems.
equipments and the IT equipments are not stolen (Joshi and Singh 2017). If it is stolen, then
the university staffs can monitor the cameras and can get the person. The most important
thing that the University should do is to provide training to the staffs so that they know and
defend during the time of data breach. They should be provided proper training regarding the
security of the system those are used in the university so that no such situation occurs. If it
takes place then they can stop the data breach or the situation that arise.
Conclusion
The report concludes with the security of the Macquarie University. The stakeholders of the
university are described in the report and according to the stakeholders and the University,
the security policies and threats and the vulnerabilities and the mitigation of the threats are
described. The security polices consists of the policies that should be formulated by the
University so that the University is safe from the security breach and other security of the
students and the personal assets and equipments. The security policy must be adopted and
should be enforced by the University to all the staffs and the students. The report also
discusses about the threats and the vulnerabilities that are harmful for the company. The
threat consists of the malware threats and the data breach, stealing of the IT equipments and
the other personal equipments. Another threat is the training of the end users so that they
know about the data breach and security of the system. The mitigation should be installation
of firewalls in each of the computers so that data breach does not occur, installation of the
CCTV camers and the University should train the users so that know about the security of the
system and the data breach in the systems.
8INFORMATION SECURITY
References
1. Chik, A., Benson, P. and Moloney, R. eds., 2018. Multilingual Sydney. Routledge.
2. Evans, L., 2016. Protecting information assets using ISO/IEC security
standards. Information Management, 50(6), p.28.
3. He, W. and Zhang, Z., 2019. Enterprise cybersecurity training and awareness programs:
Recommendations for success. Journal of Organizational Computing and Electronic
Commerce, 29(4), pp.249-257.
4. Joshi, C. and Singh, U.K., 2016. Managing Security Risks and Vulnerabilities in
University’s IT Threats Landscape. International Journal of Computer Applications, 975,
p.8887.
5. Joshi, C. and Singh, U.K., 2017. Information security risks management framework–A
step towards mitigating security risks in university network. Journal of Information
Security and Applications, 35, pp.128-137.
6. Kun, S.H.I., 2017. On the Police's Equipment System of Public Security Emergency
Priorresponse. Journal of Sichuan Police College, (1), p.14.
7. McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M. and Pattinson, M.,
2017. Individual differences and information security awareness. Computers in Human
Behavior, 69, pp.151-156.
8. Mollá, D., 2018. Macquarie University at BioASQ 6b: Deep learning and deep
reinforcement learning for query-based multi-document summarisation. arXiv preprint
arXiv:1809.05283.
9. Porwal, S. and Mittal, S., 2017, August. Implementation of Ciphertext Policy-Attribute
Based Encryption (CP-ABE) for fine grained access control of university data. In 2017
Tenth International Conference on Contemporary Computing (IC3) (pp. 1-7). IEEE.
10. Raunio, T. and Wagner, W., 2017. Towards parliamentarisation of foreign and security
policy?. West European Politics, 40(1), pp.1-19.
11. Simpson, A., Thogersen, J., Hammond, G., Janiszewski, L. and Guerry, E., 2019.
Developing cross-disciplinary networks with university collections: a case
study. University museums and collections journal, 11(1), p.116.
12. Singh, U.K., Joshi, C. and Gaud, N., 2016. Measurement of security dangers in university
network. International Journal of Computer Applications, 155(1), pp.6-10.
References
1. Chik, A., Benson, P. and Moloney, R. eds., 2018. Multilingual Sydney. Routledge.
2. Evans, L., 2016. Protecting information assets using ISO/IEC security
standards. Information Management, 50(6), p.28.
3. He, W. and Zhang, Z., 2019. Enterprise cybersecurity training and awareness programs:
Recommendations for success. Journal of Organizational Computing and Electronic
Commerce, 29(4), pp.249-257.
4. Joshi, C. and Singh, U.K., 2016. Managing Security Risks and Vulnerabilities in
University’s IT Threats Landscape. International Journal of Computer Applications, 975,
p.8887.
5. Joshi, C. and Singh, U.K., 2017. Information security risks management framework–A
step towards mitigating security risks in university network. Journal of Information
Security and Applications, 35, pp.128-137.
6. Kun, S.H.I., 2017. On the Police's Equipment System of Public Security Emergency
Priorresponse. Journal of Sichuan Police College, (1), p.14.
7. McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M. and Pattinson, M.,
2017. Individual differences and information security awareness. Computers in Human
Behavior, 69, pp.151-156.
8. Mollá, D., 2018. Macquarie University at BioASQ 6b: Deep learning and deep
reinforcement learning for query-based multi-document summarisation. arXiv preprint
arXiv:1809.05283.
9. Porwal, S. and Mittal, S., 2017, August. Implementation of Ciphertext Policy-Attribute
Based Encryption (CP-ABE) for fine grained access control of university data. In 2017
Tenth International Conference on Contemporary Computing (IC3) (pp. 1-7). IEEE.
10. Raunio, T. and Wagner, W., 2017. Towards parliamentarisation of foreign and security
policy?. West European Politics, 40(1), pp.1-19.
11. Simpson, A., Thogersen, J., Hammond, G., Janiszewski, L. and Guerry, E., 2019.
Developing cross-disciplinary networks with university collections: a case
study. University museums and collections journal, 11(1), p.116.
12. Singh, U.K., Joshi, C. and Gaud, N., 2016. Measurement of security dangers in university
network. International Journal of Computer Applications, 155(1), pp.6-10.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 9
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2026 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.