Student IT security

Protection of the University’s computer systems and data is extremely important.


Viruses and other malicious software can spread quickly across campus, destroying files in the process.

  • It is recommended that all personal Windows or Macintosh systems that connect to the University network run up-to-date antivirus software.
  • You should scan all mail attachments and files on portable devices (eg, USB sticks) before opening them, and treat all email attachments with caution.
  • If you connect a privately owned laptop which is infected to the University of Auckland wireless network, your access to the wireless network will be revoked without notice.

Software and file downloads

You should not download and install any software onto University computers without appropriate authorisation.

  • Unmanaged installations can compromise the ICT operating environment and also constitute a security risk.
  • All software installed on computers should be appropriately licensed.
  • The use of unlicensed software (software piracy) is illegal and puts the University at significant risk of legal action.

Security incidents

All serious information security incidents that could affect the wider University community, such as an email worm spreading or a suspected information security breach should immediately be reported to the Staff Service Centre.

Staff Service Centre

Phone: +64 9 373 7599 ext 86000

For urgent issues that occur outside the Staff Service Centre operating hours (7:30am to 6:00pm Monday to Friday), you can additionally contact:

IT Operations

More information about security incidents can be found on the Safe Computing page: Report a security incident.


A phishing attack is when someone deliberately tries to obtain your username and password to use them in a malicious way. These individuals want your username and password to send spam or more seriously infiltrate the University’s network. Do not be tricked into giving away your username or password.

Most phishing is conducted by email. Some attacks are pretty obvious. For example, "Your mail box is over quota, please reply to this email including your username and password to get more quota". Or you may be provided with a 'link' in an email that takes you to a form that asks for your username and password.

It's easy to get caught out. Find out how to recognise a Phishing attack.

Sharing your login credentials

  • Your username and password are only for you to know.
  • You should never share your username and password with another person. This includes your friends, parents, spouse, your manager, or to any other authority.
  • You should not share your username and password with your parents so that they can check your progress.
  • Use of your username and password are routinely monitored for abuse. Unusual account activity such as accounts being used from different places at the same time will be investigated.

More information about passwords can be found in the Password management guidelines.

  • You will never be asked for your password by University staff - all such requests are fraudulent.
  • Never send your password in an email.

IT Security policies

For information on IT security policies, visit the the Policies website