UNCLASSIFIED

Information Security Induction

Operational Systems

01/03/2018
Version v1.0

Page 1
UNCLASSIFIED
 UNCLASSIFIED

Agenda

• OS Information Security Objectives

• TfNSW Policies & Standards
• Mandatory eLearning Modules
• General Security Awareness
• Contacts

Page 2
UNCLASSIFIED
 UNCLASSIFIED

OS Security Objectives overlay with OS Branch Strategy

Integration Reliability Innovation Excellence

Operational Systems

Harnessing
More integrated technology and
Agile, reliable innovation to A great place to
Strategy

systems for a and accountable

more integrated proactively work, grow and
business influence make a
transport
network  partner  TfNSW service difference 
delivery
outcomes 
Operational Systems
Security Objectives

Operational Operational Security

Systems are Operational Systems capabilities form
securely Systems branch development, a key part of
integrated with delivers secure, technology and Operational
transport reliable services innovations are Systems service
systems secure by design excellence

DRAFT under consultation

Page 3
UNCLASSIFIED
 UNCLASSIFIED

TfNSW Security Policies &

Standards
Operational Systems Security Confluence Page - https://
confluence.transport.nsw.gov.au/display/ISOS/Operational+Systems+Cybersecurity

Transport Security Policies, Forms and Templates - http://intranet.transport.nsw.gov.au/information-security

Few Notable Policies and Standards:

Information Security Policy
Acceptable Use of Technology Standard
Security Password Standard
Information Security Incident Management Standard
Information Security Classification, Labelling & Handling Standard 
Information Security Factsheet – Clear Desk
Mobile computing and portable electronic devices security standard

The Policies and Standards applies to all permanent, temporary or casual staff
including labour hire, professionals, contractors and consultants engaged within the
Transport Cluster.
Page 4
UNCLASSIFIED
 UNCLASSIFIED

Mandatory eLearning Modules

• Complete assigned online training in Transport Equip

• Complete the training modules – ‘Code of Conduct’ and ‘Information Security
Awareness’ (Transport Equip)
• Read “Acceptable Use of Technology Standard” and return signed copy of “
Acceptable Use of Technology Form” to your manager
• Complete Government Information (Public Access) Act 2009 (GIPA act) Training
- http://intranet.transport.nsw.gov.au/apps/gipa/story.html
• Ensure all training modules assigned in Equip and other resources are
completed before due date

Page 5
UNCLASSIFIED
 UNCLASSIFIED

General Security Awareness

Keep your password protected

• Choose strong passwords
• Don’t share your passwords with anyone
• Change passwords regularly
• Do not use same passwords for multiple websites

Be aware of Phishing emails

• Don’t click on links in unexpected emails or messages from people or organisations you don’t know
• For more information visit https://www.staysmartonline.gov.au/

Handling classified information

• Everyone at TfNSW has a responsibility to protect important and sensitive information
• All documents must be classified, labelled and handled in accordance with the TfNSW Standard
• All staff must take appropriate precautions to ensure only people with a demonstrated ‘need-to-know’ are able to access
classified information

Report Information security incidents

• Security Incidents examples: Suspicious activity on your computer, Malware infection, Denial-of-Service, Unauthorised
access, Data Leakage, Website/service compromise, Stolen equipment etc.
• Report security incidents by logging a ticket at MyIT
• Contact OS Service Desk – tmc_support@tmc.transport.nsw.gov.au

Page 6
UNCLASSIFIED
 UNCLASSIFIED

General Security Awareness

Remote Access
• Only use TfNSW issued authorised devices to connect to Transport network
• Use TfNSW approved remote access methods such as Citrix, VPN etc.
• Use of unapproved tools such as TeamViewer, VNC, LogMeIn etc. is not allowed

Protect your computer

• Ensure an Anti-virus software is installed and up-to-date
• Do not install or execute unknown programs downloaded from the internet
• Avoid connecting to public wireless internet

Page 7
UNCLASSIFIED
 UNCLASSIFIED

Contacts

OS Information Security Team:

Service Desk:
Swapnil Patil
Manager, OS Information Security OS Information Security Team
Swapnil.Patil@transport.nsw.gov.au Mailbox-
OSCybersecurity@transport.nsw.gov.a
Ahmed Hussein u
OS Information Security Advisor
ahmed.hussein@transport.nsw.gov.au

Supriya Korde Operational Systems Service Desk –

OS Information Security Assurance tmc_support@tmc.transport.nsw.gov.a
Specialist u
supriya.korde@transport.nsw.gov.au

Peyman Gohari
OS Senior Information Security Report security incidents by logging a
Specialist ticket at MyIT Service Desk – 1331 48
Peyman.gohari@transport.nsw.gov.au – MyIT@transport.nsw.gov.au – 24 hrs
a day 7 days a week

Page 8
UNCLASSIFIED
 UNCLASSIFIED

Thank You..!

9
UNCLASSIFIED