Information security guide for students

Information security is very important! Keeping your data safe helps you and others too.

Information security in brief

It is important to protect your data and documents and also your personal information such as user-id, password, email, bank account number, address etc. Most problems and threats with information security can be avoided using your common sense. Please, have a look at detailed guides for data security and rules of useProtection against viruses is a security issue, too. 

  1. You are responsible for all activities carried out under your user ID. Apart from your personal data, also remember to protect other people's information that is in your possession. Never tell your password to anyone else.
  2. Choose a password that is easy for you to remember but impossible for others to figure out. Choose different passwords for the university systems and any external services.
  3. Don't open e‐mail messages if you are uncertain of their origin. E‐mail messages may contain malware or direct you to sites that contain malware.
  4. Beware of phishing, i.e. messages asking you to share your user ID and password or enter them on a website. System administrators never ask for your password.
  5. Always check the actual target address before clicking a link. Be extra careful with regard to links received in messages. Learn to tell which Internet addresses are genuine and which indicate fraud.
  6. Before registering as a user of an online service, always check the terms and conditions to make sure that data ownership will not be transferred and no data will be disclosed to third parties. Think carefully before sharing information about yourself or others in various online services (Facebook, photo sharing services, etc.).
  7. Malware spreads efficiently through social media and online services. Be cautious about pop‐up windows, advertisements and invitations ‐ click carefully!
  8. Protect your own computer with a firewall, anti‐virus software, back‐up copies and software updates. In addition, protect your smart phone and other mobile devices e.g. with a lock code. Only install applications that you really need on your computer and mobile devices.
  9. Don't use a USB flash drive as the primary or only data storage. If you intend to save sensitive data on a flash drive, get one that encrypts the data.
  10. If you suspect a security breach or system abuse, contact the person in charge of the service.

Security of your data and documents, U drive

Save your data and documents on the U drive when you are working on a workstation in the University of Jyväskylä. Your data on the U drive is available for you only and nobody else can read your data. Furthermore, your data is backed up regularly.

You can save your documents on a USB memory stick, too. However, think twice if your data is on a memory stick only. Please, save your important data on the U drive. If you are using an unknown memory stick, please check it's content always for viruses.

More about the information security in Wikipedia, the Free Encylopedia.

Security of your personal identity information, phishing

Today you may get more and more so called phishing emails that try to get your private personal information such as your user-id, password, email, bank account number, address etc. A typical phishing email may ask you something about your mail box in order to get it working. Our University and it's departments never ask anything like that by email.

Below there is a typical example of a phishing email.  A phishing email may look out fairly official but they only are trying to fool you. Never respond to any email like that! If you'll get an email that makes you unsure what to do, please don't hesitate to contact Service Desks of the IT Services before doing anything else.

The incoming and outgoing email of the University is scanned for viruses automatically. However, there is a chance that you'll sometimes get spamming emails that contain harmful attachments. In general, it's a good policy to delete right away emails with attachments from an unknown sender. In the header of email there may be attractive words like love, winner, customer/webmail service, administrator, sex and so on.

Be careful with your private personal information. Please, don't deliver carelessly your identity information. Especially, never give your user account and password to anyone by email. You need your user account and password only in using network services (Korppi, Koppa, email etc.) of the University. Please, don't use your account and password anywhere else.
Please, don't deliver your email carelessly either. Email spammers are sparsing web pages in order to find out your email.

Useful reading about netiquette in Wikipedia.

What to do after a successful phishing email?

What to do if you have carelessly responded to a phishing email and you have given out your user account and password? Then please, change immediately your account's password in the password change service at: http://salasana.jyu.fi/

In general, it's a good policy to change your password regularly.