Working with third parties
UOW relies on a network of suppliers, vendors, and other third parties including international partners to support its operations.
The following Cyber security risks arise when external parties have access to our systems, networks, or sensitive data:
- Data breaches of third-party systems which contain UOW data such as emails and credit card information.
- Intellectual property theft arising from insecure practices.
- Business continuity risks where the vendor is unable to provide the required service to UOW.
- Foreign Interference where a UOW insider is providing access to a foreign entity.
- Supply chain attacks to infiltrate UOW indirectly.
What we do to protect our data and systems:
- Safeguard any UOW data and information shared by reinforcing robust access controls.
- Prioritise cyber security due diligence.
- Embed cyber security requirements and standards in contractual agreements.
- Continuously monitor our environment against potential vulnerabilities arising through the supply chain.
- Raise a ticket in the IT Service Portal if you need to engage the Cyber Security Team when engaging third parties. They can assist with cyber security due diligence.
Report any suspected or actual supply chain risks to the Cyber Security Team on it-security@uow.edu.au.