Information security at Aalto University

Remember your information security!

IT Policies and Guidelines

Free antivirus and other softwarehttps://download.aalto.fi

Terms and conditions to use online products and services, which Aalto University has licensed for its employee, student, alumni and other individually defined personsEnd user license agreement

If your mobile phone disappearsLost and stolen devices

Security incidents Information break-in, leak, unauthorized use, password fishing, stolen device, etc. [email protected]

Aalto password service https://password.aalto.fi/

Recommendations on social media Recommendations and guidelines on social media

Aalto university classification for cloud services  https://wiki.aalto.fi/display/aaltocloudinfo/Home

General guidelines

It is every employee’s responsibility to mind his or her information security. If you remember some basic issues you can avoid harmful things. There are many security threats everywhere and hackers and other outside players are interested in universities, so it is very important that Aalto people are careful in security reasons. Outside players’ goal is often profit, offending things and information retrieval.

Choose a good password, change it regularly and keep it safe.

Choose a password with small and capital letters, numbers and special marks. You don’t have to tell your password anybody ever. Only people with criminal mind may ask your password. Please, familiarize with the directions for a good password!

You are not allowed to use the same passwords in other services as in the university’s services.

Use PIN-codes and automatic locking systems in mobile devices to protect them for misuse. If it is possible, encrypt the memory of your device.

Don’t open suspicious attachments or web links in email or web sites.

If you backup your files to cloud services or you write messages to web services, you should think consequences beforehand. What happens, if your mails or messages will stay in internet forever?

Keep your office door closed when you are not present even for a little time. Please, lock your workstation if you are away and log off for a night because of automatic updates.

Mobile work and security

When the work moves outside the office, mobile workers should keep in mind the same basic security issues as in the office. Besides secured network connections, device damages and the leaks of secret information need special care. You should ensure that your important data is restored and saved in Aalto file services.

Physical security is the main problem in mobile work. You should keep your devices undamaged and safe. Your laptop with its confidential data is intended only for your work, not for e.g. other family members’ use.

Consequences of data extinction or damaging can be serious. You should back up your mobile devices regularly.

• Information leaks can affect significant financial costs to the university due to contractual penalties and the loss of reputation.
• Don’t talk of important work issues in public places, buses, restaurants etc. Rivals, journalists and others can hear your business secrets.
• Work documents and screens should be protected from outsiders’ eyes in public places.
• Be careful of the information thieves. Laptops are stolen because of financially significant data at airports and other growded places. If you have to keep your laptop in the car even for a little time, you must keep it out of sight.
• Foreign flash memories may have harmful software which spreads easily. Flash memories can disappear, so don’t save your sensitive material there without encryption.
• If you connect to the internet using unsecured network, outsiders can have access to information in your laptop. You should use shielded fixed-line networks or VPN if possible. You don’t’ need Bluetooth, put it off.

If you find that you have done something wrong, don’t rush

Rushing may worsen the state of affairs. Please, contact ServiceDesk and wait for advice: [email protected], [email protected], tel.  +358 50 513 2000.

Change your password on other workstation immediately if you suspect that somebody has got access to it.

If your account has been stolen, you can have it back by changing your password  with your bank identifiers in password.aalto.fi  service. [email protected] , [email protected]