- Employed at Lnu
- Crisis and security
- Security
- IT security
IT security at Linnaeus University
The IT security work is carried out in close collaboration with the university’s information security work. Somewhat simplified, one can say that IT security constitutes a sub-area of the work with information security. Our work with IT security focuses on technical solutions and making sure that we reach the desired level of information security with the support these.
The ambition for the work with IT security at Linnaeus University is to maintain desired confidentiality, correctness and accessibility of the university’s information assets. Information assets include both the information itself and the resources used to handle the information. Thus, information security and IT security is not only about securing information systems. Also other resources, not least the capability and knowledge of individuals, are important components of the concepts information and IT security.
In our information society where greater quantities of information than ever are being processed, stored, communicated and multiplied, more is required from the end user. At individual level, this often means that working life and private life blends together.
We work proactively to support the users in their work practice. This work ranges from mediating a sound security culture to the users to maintaining a good security level in our IT systems.
The work at the university is based on the standards and ordinances that apply for Swedish authorities, among others, ISO27000 Ledningssystem för informationssäkerhet (LIS) and MSBFS 2016:1 föreskrifter och allmänna råd om statliga myndigheters informationssäkerhet.
Incident Response Team (IRT)
Incidents that can constitute a threat to the IT security at Linnaeus University are handled by the IRT group, to which members of staff and students can report isolated incidents. IRT is a team consisting of people with different IT competences who have direct contact with the Incident Manager (IM) who can handle any measures needed to handle the threat immediately.
IRT is tasked with, among other things:
- Receiving information about internal and external threats relating to IT security.
- Being contact organisation for other organisations in connection to national threats.
- Investigating reported IT security cases.
- Functioning as receiving organisation for investigations concerning IT security.
- Carrying out analyses of identified incidents on a regular basis.
- On request, providing decision basis data concerning IT security.
Contact information
Report a suspected threat to IT security by emailing the IRT team on irt@lnu.se
Contact person for IRT is the safety coordinator.
In case you feel uncertain, always contact our support for guidance.
Pishing
Never give away your password – think twice before you log on to a website!
Phishing is a method used to trick people into giving away important personal information, often passwords. Lnu frequently receives phishing emails and quite often someone is deceived. Phishing emails often request that you click on a link to a web page, where you are told to enter your username and password. Even though this website may look like an Lnu site, it is not. Furthermore, you are often told that it is urgent that you follow instructions and quite often you are threatened with your email account being disabled if you do not follow the instructions.
Please keep in mind:
- To enter your password on a website is the same thing as giving away your password.
- IT Office will NEVER ask for your password!
- IT Office will NEVER request that you click on a link in order to verify your user account or email account!
- IT Office will NEVER threaten with your account being blocked if you do not click on a link and enter your password, or if you fail to login!
If you have clicked on a link in a phishing email and entered your username and password, it is of utmost importance that you change your password as soon as possible. Otherwise, at best, your account will be used to send spam emails and your inbox will be filled with "Delivery failure" emails. At worst, the account information can be used to access all data on your P: as well as all the data on S: to which you have access.
You can change your password either on the website https://account.lnu.se/password/change or on a Lnu computer.
Some examples of phishing emails:
- The size of your mailbox has exceeded the limit and your email will be blocked if you do not click here...
- Because of security updates you need to log on to your webmail or it will be blocked, click here...
- A third party has tried to log on to your account and you now have limited access to your webmail. To reactivate, click here...
If you have any questions feel free to contact IT Office.
Prepare your technology for travel
Protect your information and technology in four simple steps
- Make a backup before your trip
Traveling can be a huge strain on your technial equipment. Take backup before and during your trip in case of damage or theft. - Do not bring more electronics than you need
Think about whether you really need to take all your equipment with you. Perhaps there is a computer available at your destination. - Secure your access
A thief can steal your data without physically taking your device. Make sure that your connection is encrypted. When logging in, the browser must say https: // instead of just http: //. Connect to a secure network or VPN (Virtual Private Network) whenever possible. Read more about VPN - Refresh your passwords when you get home
Change your passwords to important services when you get home. It is not always easy to remember if you have logged in from an insecure connection, or at an Internet Cafe, where they could have logged your keystrokes. It is more common than you think.
You are welcome to contact the IRT-team at irt@lnu.se for further information.