Be Cyberwise: don’t compromise

October was Cyber Security Awareness Month and an annual reminder for all of us to stay secure online.  

Be Cyberwise: Don’t Compromise 

There are so many kinds of breaches, compromises, and scams across the digital world that it requires constant vigilance from professionals and consumers alike to keep our data safe. Cybersecurity awareness helps keep our organisation, our patients, and ourselves safe from digital attacks, which is why we’ve introduced a Cybersecurity module in LATTE. 

This Cybersecurity month, we look at some of the services, methods and tools we use every day to keep Monash Health safe online.  

The latest in phishing: QR code scams 

As technology develops, so do scammers and their tricks.  

The latest trend to be aware of is phishing emails and messages that send a QR code to bypass organizational security filters. It works because once you use your phone to scan the code and follow the URL, you have exposed your personal device and systems to the scammers.  

Avoiding QR code phishing scams 

All the advice for avoiding phishing emails apply to QR Code scams:  

  • Look at the sender – does it look right to you? 
  • If there is a QR code in the email, and you recognise the sender but aren’t expecting a QR code from them, call the sender first. 
  • Never enter your credentials into third-party sites unless you’re completely sure it’s the correct site – check the web address, or call the business. 

Reporting Cybersecurity compromises 

As digital systems grow more complex, they can provide opportunities for malicious interference. As part of maintaining a robust data environment, we have introduced public contact information on our website for Cybersecurity Responsible Disclosure. 

If you believe you have found an online security vulnerability, please let us know via 

Keeping Monash Health Data Safe and Secured 

Mimecast: safe email forwarding 

As a rule, we should not exchange any clinical data in emails outside of our organisation. However, we recognise that there is sometimes a need to do this.  

If that is the case, we have tools available that can protect you, like Mimecast Secure Messaging. For support information about your Mimecast inbox, select Mimecast Central when you log into Mimecast. 

Using Baret for secure clinical communication  

Baret is an application we’ve added to our Microsoft Teams environment for non-emergency clinical communication. It’s already in use at the Victorian Heart Hospital and overnight at our other sites, and allows our clinical teams to communicate, share patient information and images in a secure Monash Health digital platform.  

This means we don’t need to use external applications and messaging systems for confidential care processes, keeping our patients and their privacy safe. 

Multi-Factor Authentication (MFA) 

Multi-Factor Authentication is a two-step verification process used to ensure your Monash Health accounts remain secure even if someone gets access to your personal or account information. It involves sending a code to your phone or generating a code from an application such as Google or Microsoft Authenticator, to add an additional level of security.  

MFA remains one of the most effective ways to protect against unauthorised access. Further MFA information can be found on the M365 Knowledge Hub:  



Approved by Joey Bawa, Chief Information Security Officer

This website is for Monash Health employees. Please be mindful before sharing links.Learn more