Security Improvements Program

The Multi-Factor Authentication (MFA) project will help UQ to manage cyber security risks and protect your data and UQ systems against phishing and compromised or stolen credentials.

MFA provides an extra layer of security to validate the identity of the person who is logging in to UQ web services and systems.

It is a two-step process that involves verification of your identity through:

1. something you know (such as your UQ password)
2. something you have (such as a mobile phone application or hardware token).

This means, even if your password is compromised, a criminal won’t be able to access your account without the second factor.

A pilot is currently underway with around 350 IT staff. Following feedback, the MFA service will be deployed to all UQ IT staff, and then progressively rolled out across the University.

Changing our Cyber Security culture is a fundamental control for mitigating the risk of attacks that rely on weakness in people and processes. It will be an ongoing element of UQ's cyber security management program.

The Cyber Security Culture project aims to:

• create a culture of awareness and behaviour conducive to safe cyber security practices
• promote the importance of cyber security to enable better acceptance of cyber security practises and controls which may impact users.

These aims will be achieved through:

• providing sufficient knowledge about cyber security for staff to perform their roles effectively
• engendering behaviour change around how the UQ community approach security
• encouraging a culture where “cyber security is everyone’s responsibility”.

The Endpoint Security Upgrade was completed throughout 2019.

This upgrade involved upgrading our existing endpoint protection (anti-virus) solution, Sophos, to a more comprehensive solution offered by Symantec. The new Symantec solution is an evolved product that better recognises and mitigates threats that have not previously been seen. It is capable of integrating with other security controls to provide an enhanced overall security architecture.

Endpoint protection is considered an effective and fundamental cyber security control to protect user desktops and laptops as well as servers from malicious code execution, ransomware and other cyber threats. Endpoint protection solutions also provide increased visibility of endpoints to assist in cyber security incident detection and remediation.

Outputs of this project include protecting staff computers and servers against the risk of malware, which also protects against:

• information exposure or loss
• account compromise to gain access to other IT systems and services
• use of systems for SPAM delivery, hacking or digital currency mining
• loss or impairment of IT services.

Further outputs include:

• increased visibility of activity on staff computers and servers to improve cyber incident detection and remediation.
• providing a multi-layered IT security solution that will increase our ability to stop malicious activity/actors from traversing though the UQ IT infrastructure.

Currently, data on staff laptops is not encrypted. This project will enable a feature on staff laptops that will automatically encrypt the data on them. Drive encryption will help to protect our staff’s personal data, intellectual property, and UQ data against compromise if the laptop is lost or stolen.

Penetration testing will be carried out against five critical and high-risk applications to determine security vulnerabilities.

A detailed risk assessment will be performed for 20 high-risk applications, including two research applications. This assessment will help identify security risks and enable UQ to more effectively implement actions to mitigate these risks.

We are developing an online capability for UQ users to recover their passwords via a portal on the my.UQ website. This will streamline the process for users to recover forgotten passwords, and help mitigate against the threat of compromised accounts.

ITS is working with the School of Business to review how well cyber security risk is being managed in the School of Business, and undertake activities to improve the School of Business’ cyber security posture.