Information security at Aalto University
Remember your information security!
Free antivirus and other softwarehttps://download.aalto.fi
Terms and conditions to use online products and services, which Aalto University has licensed for its employee, student, alumni and other individually defined personsEnd user license agreement
If your mobile phone disappearsLost and stolen devices
Security incidents Information break-in, leak, unauthorized use, password fishing, stolen device, etc. [email protected]
Aalto password service https://password.aalto.fi/
Recommendations on social media Recommendations and guidelines on social media
Aalto university classification for cloud services https://wiki.aalto.fi/display/aaltocloudinfo/Home
It is every employee’s responsibility to mind his or her information security. If you remember some basic issues you can avoid harmful things. There are many security threats everywhere and hackers and other outside players are interested in universities, so it is very important that Aalto people are careful in security reasons. Outside players’ goal is often profit, offending things and information retrieval.
Choose a good password, change it regularly and keep it safe.
Choose a password with small and capital letters, numbers and special marks. You don’t have to tell your password anybody ever. Only people with criminal mind may ask your password. Please, familiarize with the directions for a good password!
You are not allowed to use the same passwords in other services as in the university’s services.
Use PIN-codes and automatic locking systems in mobile devices to protect them for misuse. If it is possible, encrypt the memory of your device.
Don’t open suspicious attachments or web links in email or web sites.
If you backup your files to cloud services or you write messages to web services, you should think consequences beforehand. What happens, if your mails or messages will stay in internet forever?
Keep your office door closed when you are not present even for a little time. Please, lock your workstation if you are away and log off for a night because of automatic updates.
Mobile work and security
When the work moves outside the office, mobile workers should keep in mind the same basic security issues as in the office. Besides secured network connections, device damages and the leaks of secret information need special care. You should ensure that your important data is restored and saved in Aalto file services.
Physical security is the main problem in mobile work. You should keep your devices undamaged and safe. Your laptop with its confidential data is intended only for your work, not for e.g. other family members’ use.
Consequences of data extinction or damaging can be serious. You should back up your mobile devices regularly.
- Information leaks can affect significant financial costs to the university due to contractual penalties and the loss of reputation.
- Don’t talk of important work issues in public places, buses, restaurants etc. Rivals, journalists and others can hear your business secrets.
- Work documents and screens should be protected from outsiders’ eyes in public places.
- Be careful of the information thieves. Laptops are stolen because of financially significant data at airports and other growded places. If you have to keep your laptop in the car even for a little time, you must keep it out of sight.
- Foreign flash memories may have harmful software which spreads easily. Flash memories can disappear, so don’t save your sensitive material there without encryption.
- If you connect to the internet using unsecured network, outsiders can have access to information in your laptop. You should use shielded fixed-line networks or VPN if possible. You don’t’ need Bluetooth, put it off.
If you find that you have done something wrong, don’t rush
Change your password on other workstation immediately if you suspect that somebody has got access to it.
Aalto IT’s information security team provides advice and expert assistance to Aalto University staff members, working groups and units on questions concerning information security and data protection.
The information security team implements information security mapping and audits, as well as automatic technical mapping. The various units and Aalto IT production are also given the opportunity to audit their own systems with the Nessus tool.
Cyber security hub
Aalto University’s information security team and the Computer Security and Incident Response Team (CSIRT) process all notifications of information security incidents, help resolve incidents, investigate any data breaches, and endeavour to prevent the occurrence of any incidents.