Definitions
Authorised person
Authorised person for the purpose of this policy, includes:
- the Secretary, a Deputy Secretary, an Assistant Deputy Secretary, a Regional Director, a regional Executive Director, a School Principal, the Executive Director People Division, the Chief Information Officer (CIO) or equivalent roles (or delegate)
- the manager of the Employee Conduct Branch or the equivalent branch, or an officer of the Employee Conduct Branch authorised by the manager
- any other person authorised by the Secretary to the Department of Education and Training
Department email systems
Department email systemsis eduMail and any other school or Department email system used for the purpose of school related or other Department electronic communications. Department email systems are part of Department ICT resources.
Department ICT resources
Department ICT resources includes but is not limited to all networks, systems, software and hardware including local area networks, wide area networks, wireless networks, intranets, Department email systems, computer systems, software, servers, desktop computers, printers, scanners, personal computers (desktops, notebooks and tablets), mobile phones, portable storage devices including digital cameras and USB memory sticks, handheld devices and other ICT storage devices.
Electronic communications
Electronic communicationsincludes email, instant messaging, virtual conferencing, social media and any other material sent electronically.
Malware
Malware is malicious software programs designed to cause damage and other unwanted actions on a computer system. Common examples include computer viruses, worms, spyware and trojans.
Peer-to-peer file sharing
This is the sharing of files between systems on a peer-to-peer (P2P) network. Files can be shared between computer systems on the network without the requirement of a central server. An example of illegal P2P file sharing is the sharing of copyrighted files without the authorisation of the copyright owner, such as copyrighted film, book and music files.
Personal use
Personal use is all non-work related use of Department ICT resources including internet usage, social networking and private emails.
Phishing
Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.
Ransomware
Ransomware is a type of malicious software that threatens to publish the victim's data or block access to it unless a ransom is paid.
Spam
Spam is unsolicited commercial electronic messages sent over the internet.
User(s)
User(s) is any person using Department ICT resources.
Vishing
Vishing is a form of phishing that uses the phone system or voice over internet protocol (VoIP) technologies. The user may receive an email, a phone message, or even a text encouraging them to call a phone number due to some discrepancy. If they call, an automated recording prompts them to provide detailed information to verify their account such as credit card number, expiration date or birthdate.
Whaling
Whaling is a type of phishing that targets high-profile users such as corporate executives, politicians and celebrities. Whaling emails and websites are highly customised and personalised, often incorporating the target's name, job title or other relevant information gleaned from a variety of sources.
Reviewed 09 June 2020
