Content components

Victorian Protective Data Security Framework and Standards

The Victorian Protective Data Security Framework and Standards (VPDSF) is the overall scheme for managing protective data security risks in Victoria’s public sector.

The VPDSF consists of the:

You can contact the Office of the Victorian Information Commissioner for advice on the applicability of the VPDSF to your Victorian Government organisation.

Australian Government Information Security Manual

This Information Security Manual (ISM) helps organisations to protect their information and systems from cyber threats. 

These guidelines are intended for:

  • chief information security officers (CISOs)
  • chief information officers (CIOs)
  • cyber security professionals
  • information technology managers

Access the Australian Government Information Security Manual (produced by the Australian Cyber Security Centre.

The 'Essential Eight'

The Australian Cyber Security Centre has compiled a list of mitigation strategies, known as The Essential Eight that organisations can use as starting points to improve their cyber resilience. These should be implemented as a baseline where possible.

Implementing these 8 strategies proactively can be more cost-effective in terms of time, money and effort than responding to a successful large-scale cyber security incident.

The Essential Eight are:

  1. Application whitelisting - Whitelist approved and trusted programs to prevent the execution of unapproved or malicious programs from executing.
  2. Patching applications - Perform regular patching/updating of applications in your network.
  3. Office macros - Configure Microsoft Office products to block the execution of un-trusted macros.
  4. Harden user applications - Tightly control applications that have the ability to perform unwanted or potentially vulnerable actions.
  5. Restrict administrative privileges - Restrict administrative privilege for operating systems and applications based on user duties.
  6. Patch operating systems – Routinely patch and upgrade your operating systems to the latest versions.
  7. Use multi-factor authentication - Set up multi-factor authentication to provide higher authentication assurance for privileged, power and remote user access.
  8. Backup daily – Create regular backups of your most important data and configuration settings to help you recover quickly from a disruption. Keep backups on a device that is not connected to your network.

Cloud security guidelines

The cloud security guidelines are intended to support Victorian Government organisations in making informed, risk-based decisions about the use of cloud services.

They are targeted at general management, cyber security and IT security practitioners. They assume basic knowledge of cloud computing and enterprise security architectures.

Download the guidelines:

These guidelines were developed by the Department of Premier and Cabinet Cyber Security Unit for use by Victorian Government organisations.

Introduction Text
Boost your cyber security using these standards, guidelines and tips.
Topic
Show Contact Us?
On
Contact Us
Title
Contact the Chief Information Security Officer
Email
vicgov.ciso@dpc.vic.gov.au
Phones
Department Name
Department of Premier and Cabinet
Show Site-section Navigation?
On
Show topic term and tags?
On
Site-section Navigation Title
Cyber security
Background Colour
White
Was this page helpful?