Cyber Security Policy
Cyber Security Policy
WEA Sydney is committed to protecting the privacy, security and integrity of the information entrusted to us by our students, members, staff and partners. We recognise that strong cyber security practices are essential to maintaining trust and ensuring the reliable delivery of our educational programs and services.
This policy outlines how WEA Sydney protects its systems and data, and how we work with trusted technology partners to maintain secure operations.
Our Approach to Cyber Security
Cyber security refers to the systems, processes and practices used to protect digital information and technology infrastructure from unauthorised access, disruption or misuse. At WEA Sydney, cyber security includes protecting:
- student enrolment information
- payment and financial data
- organisational records and documents
- staff and student email systems
- online learning and enrolment platforms
Managed IT Services
WEA Sydney partners with Netier, a professional managed IT services provider, to oversee and maintain the organisation’s technology infrastructure. Netier supports WEA Sydney by:
- managing and monitoring our IT systems
- maintaining security controls and network protection
- applying software updates and security patches
- providing data backup and recovery services
- supporting staff with secure technology use
- monitoring for potential cyber threats
Email and Communication Security
WEA Sydney uses Microsoft cloud-based email services to manage communications securely. Security measures include:
- spam and malware filtering
- virus protection and threat detection
- secure authentication protocols
- regular software updates and monitoring
File Storage and Data Protection
WEA Sydney stores organisational documents and operational files within secure systems managed by our IT provider. Key safeguards include:
- controlled access permissions for staff
- secure server storage and backup systems
- daily data backups
- secure authentication processes
Network Security
WEA Sydney maintains secure network access controls to protect internal systems. Security measures include:
- secure remote access using Virtual Private Networks (VPNs)
- restricted access to internal systems
- endpoint protection on staff devices and training computers
- ongoing monitoring of network activity
Secure Enrolment and Payment Systems
Student enrolments at WEA Sydney are managed through the onCourse platform, developed and operated by Ish Group. This platform incorporates robust security measures including:
- secure data storage
- encrypted payment processing
- Payment Card Industry Data Security Standard (PCI DSS) compliance for payment card security
- system monitoring and backups
- disaster recovery processes
Staff Awareness and Safe Practices
Technology alone cannot prevent cyber incidents. Staff awareness and safe digital practices are essential. WEA Sydney staff are supported with guidance on:
- identifying suspicious emails and phishing attempts
- using strong and secure passwords
- keeping devices updated
- protecting sensitive information
Incident Response and Recovery
WEA Sydney maintains procedures to respond quickly to any cyber security incident. In the unlikely event of a disruption:
- systems can be restored using secure backups
- IT specialists investigate and resolve the issue
- additional security measures are implemented if required
Insurance and Risk Management
As part of its broader risk management approach, WEA Sydney maintains cyber risk insurance coverage to support the organisation in responding to cyber incidents should they occur.
Ongoing Improvement
Cyber threats continue to evolve. WEA Sydney regularly reviews and strengthens its cyber security practices in partnership with our IT providers to ensure systems remain secure and up to date. If you would like further information about how WEA Sydney protects personal information, please refer to our Privacy Policy.