The following network security and privacy policy notes were developed out of a meeting of concerned departmental computing staff held on 15 July 1992. At this stage they are only suggestions for inclusion in UWA security policy. Please send any comments to phil@ucs.uwa.edu.au.

Suggested UWA Security Policy:

• Network users (staff and students) must acknowledge that their use of the network will be monitored for the purpose of controlling network security.
• Privileged access to networked system must only be provided where needed and those with privilege must use it only for necessary network maintenance purposes.
• All network users must be identified before being allowed access out of UWA. Identification may be by userid on a secure machine or access from a secure personal workstation used by only one person.
• All network cabling cupboards and ducts should be physically secure.
• All network administrators must be made aware of their network security responsibilities and general site security matters. The 'Site Security Handbook' is recommended reading.
• Federal Police should be informed of any security incident.
• UCS will maintain a list of security contacts (network administrators) for all UWA connected networks. The contact is to be informed of all security incidents reported to UCS (AARNet or UWA).
• All security incidents are to be reported to UCS.
• All observed system activity that may indicate a security problem should be posted to the UWA PUBLIC SERT mail list at sert-public@uniwa.uwa.edu.au.
• In the event of a security incident being reported to UCS, the contact persons for the involved networks should be contacted as soon as possible. UCS may temporarily partition the campus network to protect system from damage.