Data Loss Prevention Policy

What has UNSW done?

At UNSW, we are pleased to announce that from 8 July 2020, UNSW IT has enhanced its data loss prevention technology capabilities to monitor and detect information being transmitted via UNSW ICT systems.

What is Data Loss Prevention Policy?

Data loss prevention is designed to detect and if necessary, prevent the copying or transmission of sensitive information out of the corporate network. Organisations that have personal or sensitive information are required to adhere to these guidelines when operating within Australian jurisdiction.

How does Data Loss Prevention technology work?

A comprehensive data loss prevention suite will look at data in different states and different locations, including:

- Traversing and leaving the network on authorised and unauthorised endpoints

- Data at rest, such as on file shares

- Data in use such as being printed or viewed

- Data in motion whether emailed, uploaded or copied onto removeable devices.

Data Loss Prevention Policy

What data will be monitored as part of the Data Loss Prevention Policy?

The personal and financial data that will be monitored includes sensitive personal information that UNSW has an obligation to protect to keep our staff and students safe.

What can and can’t IT Security see and do with the monitoring of the data?

The data loss prevention tools and processes do not provide the cybersecurity team with access to the content of the email, document or chat. For example, if an email is sent via Office 365/Outlook, containing a positive criterion of sensitive data, only an alert will be triggered stating the user has shared data that violates the criteria. The remaining content of the email will not be visible to the cybersecurity team using these tools.

What does this mean for me as a Student or a Staff at UNSW?

The purpose of explaining the Data Loss Prevention policy is for your awareness and to highlight that UNSW takes personal or sensitive data seriously.  No action is required from you – this is to raise awareness of our monitoring enhancements to protect your data and our business.

Where can I get more information?

For more information relating to Data LeakagePrevention Policy and monitoring protocols, please read section 2.3 of our ICT policy guide at https://www.gs.unsw.edu.au/policy/documents/ictpolicy.pdf

If you have any questions or concerns, please contact the IT Helpdesk. 

Feedback