Otago Polytechnic is committed to providing an environment that is enjoyable, safe and secure for all students, staff and visitors.
The internet - your go to for group chats, study guides, and where to find a good coffee.
If 2020 taught us anything, it's that we are more digitally connected than ever.
From studies to work, we all rely on staying connected online. Your laptop, desktop, mobile device, iPad, watches... they all have one thing in common - sharing substantial data about you and your habits.
Cyber-attacks are becoming more common, due to this we must put an emphasis on cyber safety.
Believe it or not your data and personal information is as valuable as gold to attackers.
We encourage all our learners and staff to increase their resilience online.
By following these 4 tips from the updated 2020 Privacy Act we can keep ourselves safe online, protect our privacy and avoid cybercrime in this digitally switched on day and age.
1. Only hold private information in approved systems. Not places like Google, or Survey Monkey.
You may save a minute by storing your usernames and passwords on your computer for easy log in, or ensuring your device automatically fills out full names, addresses and phone numbers in the required fields.
Whether we like it or not, this can lead to a huge security breach.
Personal information is like gold - Hold it and protect it.
Do not store your private info in unapproved systems (Google, Survey Monkey, AliExpress, Facebook)
2. Only disclose private information to others if you are certain they are operating under the requirements of NZ privacy laws.
Share your info with care, know who you're talking to and who to trust.
- Bank details, EFTPOS pins, CVC numbers - Stop and think before you share your private information.
- Facebook Marketplace/Trade Me – Think before you tell a seller your delivery address, especially when purchasing OP branded uniforms.
- Ecommerce sites - Read reviews or search up forums and blogs on the site to be certain they are not a scam.
Avoid sending private info via email or over the phone as you may not know who is on the other end of the screen, or what they may do with your information.
Before sharing any personal info with others, you must be certain that they are trustworthy and operating under the requirements of NZ privacy laws
3. Only keep private information if you have a clear and legitimate intention of using it
Information hoarding is a real thing.
The most common scenario of this is when you store all your passwords, pins and personal info in a list in the notes app on your phone, sitting somewhere on your computer, or written down on a sticky note.
This info can be left sitting there unprotected for months, even years. Unless you intend on using private info immediately, with clear and legitimate reasons, do not keep it.
Hoarding private information will make you more vulnerable to cyber-attacks.
4. If there is a privacy breach, Otago Polytechnic must notify The Office of the Privacy Commissioner
Report, Report, REPORT
Following The 2020 Privacy Act, If there is a privacy breach that is believed to have caused (or is likely to cause) serious harm, Otago Polytechnic will need to notify The Office of the Privacy Commissioner and affected individuals as soon as possible.
It becomes the organisations responsibility to notify breaches, not the individual.
It is notable that not all breaches must be reported. "The threshold for a notifiable breach is 'serious harm' (The Privacy Act, 2020).
The act recommends considering aspects like the sensitivity of the information lost, actions taken to reduce the risk of harm, the nature of the harm that could arise, and any other relevant matters.
So, if you see something suspicious in your emails, student, or staff hub, follow your gut and always report it.
Cyber Safety Best Practices
Be careful where, and why you share your personal information
Personal information includes:
- Email addresses
- Full names
- Date of birth
- Home address
- Place of employment or where you study
- Banking details, card numbers, pins, passwords, or security codes
- Medial information
- Lifestyle details, interests, activities, and connections
Think before you type
What goes online will in fact stay online. Stop and think before you send an email, tweet, or Facebook post.
Don’t engage in spam
Keep your emails secure. Spam is and always will be an ongoing issue. When it comes to spam, best practice is to delete the message, do not read, do not click and do not open.
Use a secure password
Using a weak, guessable password such as 123456, Password or your name will not protect your personal information.
OP recommends making a passphrase that is at least 16 characters long, with a combination of uppercase, lower case, numbers, and special characters. It is best to have a different password for each online account - use a password manager to keep track of them all like keepass
Most importantly, do not share your password. Ever.
If you want to check an issue, report an issue, or just want some more information, talk to the support services below.