Information security is the responsibility of every member of the university community – including you. This guide will help you protect your personal data, recognise information security threats and act correctly if problems arise.
Familiarise yourself with the university’s information security guidelines
You are required to follow the university’s information security rules and guidelines. They apply to the handling of all documents and data.
Pay particular attention to the following:
- IT services terms of use (UEF Intra, login required)
- Guidelines on the protection and handling of data (UEF Intra, login required)
Report information security incidents without delay
If you notice information security weaknesses or misuse, or suspect a security breach, report it immediately.
If you suspect that your account has been compromised:
- Change your password immediately.
- Contact Digital Services IT Servicedesk. Tähän linkki, kun uusi Kamu-sivu on valmis!
Recognise information security threats
Information security threats target devices and software as well as their users. When you can recognise threats, you are also better equipped to prevent them.
Phishing and scams
Phishing attempts trick you into revealing confidential information, such as login credentials or banking details. Phishing can also be used to install malware on your device.
Phishing can happen through:
- text messages
- phone calls
- QR codes
Phishing can be targeted – in which case the message appears personal and the sender’s name may be familiar to you. These messages often create a sense of urgency, use threats or appeal to your willingness to help. Scams may also aim for direct financial gain, in which case they constitute fraud.
Malware
Malware – such as viruses, worms and trojans – can disrupt your devices, steal your data or bypass security mechanisms. Malware exploits both technical vulnerabilities and user actions.
Physical threats
Devices that contain data (computers, phones, USB drives) can be lost, stolen, damaged or broken.
How to protect yourself and your data
Your username and password
- Your username is personal – never share it or your password with anyone.
- Choose a password that is easy for you to remember but difficult for others to guess.
- Use a different password for university services than for other services.
Multi-factor authentication (MFA)
Multi-factor authentication protects your account even if your password falls into the wrong hands. Never approve a login request that you did not initiate yourself. Enable multi-factor authentication for services outside the university as well.
Saving and backing up files
- Save your study-related files primarily in the services provided by the university.
- Look after your important files – make regular backups.
- Avoid USB drives – they break and get lost easily.
- If you find a USB drive, do not plug it into a computer – hand it in to Digital Services.
- When sharing files, always make sure you are sharing the right files with the right people.
Also read the Instructions for processing information on UEF Intra.
Using email safely
Use your UEF email for all study-related communication.
Protect yourself from phishing and scams:
- Do not open an attachment if you are unsure about the origin of the message – it may contain malware.
- Check the actual destination of a link before clicking – this also applies to links in QR codes.
- Type the address directly into your browser’s address bar rather than clicking a link in a message.
- Check the sender’s email address carefully – a familiar name alone is not enough.
- Verify any requests involving money by other means, for example by phone.
- If a link takes you to a page that asks for your login credentials or banking details, verify that the page is trustworthy.
- If in doubt, ask for help.
Always send confidential information in encrypted form, for example using secure email.
Protecting your devices
- Protect your computer with a firewall and anti-malware software.
- Install security updates as soon as they become available.
- Lock your smartphone and other mobile devices with a passcode.
- Only install apps from official app stores or other trusted sources.
- Only install the software you actually need.
More information
- Information security pages of UEF Digital Services