With a little care you can spare yourself from annoyance and wasted time. In the following there are some advice regarding information security that you can lean on when working at SDU.
SDU facilitates both technical and organizational solutions to protect the information the university treats. However, the chain is never stronger than the weakest link. Hence it is important that we all contribute to strong information security.
An e-mail is not always what it seems to be. E-mails can contain files or links that you should not open. A healthy skepticism is the best defense. If you are in doubt whether a mail is authentic try calling the sender or asking a fellow student if the person also received it. False e-mails can be reported using the 'Report Phishing' - button in Outlook
A password is the most important protection against abuse of your data and your person - Choose it with care and never share it with others. SDU demands that your password complies with following:
- At least 15 characters long.
- A combination of at least three of the following categories: capital letters, small letters, numbers, special characters
- Cannot contain parts of the users first name, surname or username. Example: 'Risti' cannot be used if you're named Christian.
- Cannot consist of "keyboard wanderings" as 12345678, qwerty etc.
- Cannot be identical with the 25 most recently used passwords.
- The password used for SDU-accounts cannot be used for third party products - for example internet shops.
SDU continuously checks, using special software and databases, whether passwords are compromised or weak. If the user's password can be cracked within 48 hours, the user will be requested to change the password. Passwords are always checked, when passwords are changed, and as necessary when SDU receives information about leaked passwords from external sources and portals.
This method means that SDU does not require periodic password changes (e.g. every six months). Users are therefore only asked to change password if they are assessed to have an insecure/weak password.
Always remember to use a password on your phone and other mobile devices. A phone can contain lots of information of personal and professional character - The first guard against unauthorized access is a password (code, fingerprint, face recognition etc. )
Remember to lock your PC and your door when you leave your work station - even if you are only away for a short period. You can make your PC lock itself when you have not touched your mouse or keyboard for a certain time. Servicedesk can provide help, if necessary.
A good tip is to use the Windows + L short cut - In this way you can quickly lock your screen when leaving.
USB keys are easy to use and easy to lose. Therefore you should be mindful to remember your USB keys, and take them with you when you leave a room.
Always remember to take your prints with you immediately, and do not throw out confidential papers as trash - use the shredder.
SDU's data may exclusively be kept and treated in systems accepted by the University. SDU has approved Onedrive, Teams, Nextcloud and Ucloud for treatment of person-sensitive information. Are you in doubt about which systems you can use in relation to certain types of information please contact Servicedesk or read more here.
Please note that all types of data may be stored in Onedrive, which SDU makes available. The video below is of an earlier date.
Please remember that a locked door means that it is not everyone who should access SDU. Make sure that those you let in have a legitimate errand - it is OK to ask.
The tips and tricks to good information security you have found on this site also applies when you are working off campus. When you work from home the following is especially important.
- Use the tools and communication-canals that SDU provides you with, and remember that the guidance's regarding IT also applies when you work at home
- Ensure that e-mails, messages, and calls you receive are authentic so that you do not disclose sensitive information.
- Remember to think about access to you devices. Lock your screen when you leave your computer and do not let others use it.
- Use VPN
Do not discuss topics in public where unrelated people can listen in. In the video the situation takes place in a shopping center, but the message also applies to the halls of campus, in the train and in other public places.
Always consider what others can see when working in public places. Think where you place yourself and consider using a screen-filter.
Never leave papers with personal information unguarded. If you loose information it must be reported as a security breach. Reports can be filed here.