Email tips to help protect UNSW’s sensitive data

Auto-forwarding UNSW emails to an external mailbox may pose security risks.

As UNSW staff, we all play an important part in protecting the security of our digital information from unauthorised access, use and disclosure.

Email is the most widely used communication tool in our organisation for sending attachments and links to potentially sensitive information. The University has made significant investments to protect our email system by implementing cyber security controls such as anti-phishing and anti-malware protection.

Setting up automatic forwarding rules to send all your UNSW emails to an external mailbox potentially exposes that email, and any data that it includes, to security risk. The presence of UNSW emails in unprotected mailboxes could lead to the unintended compromise of sensitive University data through exposure to malware infections and phishing attacks.

A breach of data classified as Sensitive or Highly Sensitive would have a high impact on the University’s reputation, and caution should be exercised when forwarding information outside of the University, especially via email.

Follow these recommended email practices to help keep our data safe:

1. Check your UNSW email inbox regularly for important University updates.
2. Set up your device to remotely access University email through a supported email application such as Outlook or access your email via Outlook Web Access (OWA) on a browser.
3. Only access your UNSW email on your UNSW managed device.
4. Only share data with others who are authorised to access it.
5. Please consider disabling any automatic email forwarding rules in Outlook. By automatically forwarding sensitive emails to an external mailbox that doesn’t have the same level of security as the University, you expose that data to potential compromise and the University to liability for any associated privacy or security breach.
6. Do not forward sensitive information, especially emails with a “do not forward” label.
7. Sensitive and Highly Sensitive data should be stored on trusted platforms such as OneDrive and SharePoint. The UNSW Cyber Security Standard – Data Security and the UNSW Data Governance Policy provide detailed guidelines on the storage of UNSW data.

Refer to the cyber security webpage for more information. For technical support, please call the IT Service Centre on 9385 1333.

See our guide, Disable the auto-forwarding rule in Outlook.