IT security at Linnaeus University
The IT security work is carried out in close collaboration with the university’s information security work. Somewhat simplified, one can say that IT security constitutes a sub-area of the work with information security. Our work with IT security focuses on technical solutions and making sure that we reach the desired level of information security with the support these.
The ambition for the work with IT security at Linnaeus University is to maintain desired confidentiality, correctness and accessibility of the university’s information assets. Information assets include both the information itself and the resources used to handle the information. Thus, information security and IT security is not only about securing information systems. Also other resources, not least the capability and knowledge of individuals, are important components of the concepts information and IT security.
In our information society where greater quantities of information than ever are being processed, stored, communicated and multiplied, more is required from the end user. At individual level, this often means that working life and private life blends together.
We work proactively to support the users in their work practice. This work ranges from mediating a sound security culture to the users to maintaining a good security level in our IT systems.
The work at the university is based on the standards and ordinances that apply for Swedish authorities, among others, ISO27000 Ledningssystem för informationssäkerhet (LIS) and MSBFS 2016:1 föreskrifter och allmänna råd om statliga myndigheters informationssäkerhet.
More information about our work with information security can be found on: https://lnu.se/medarbetare/anstalld-vid-lnu/kris-och-sakerhet/sakerhet/informationssakerhet/
Organisation plan for the information security work:
Information about the IT Office and its services: https://lnu.se/medarbetare/organisation/it/
Incident Response Team (IRT)
Incidents that can constitute a threat to the IT security at Linnaeus University are handled by the IRT group, to which members of staff and students can report isolated incidents. IRT is a team consisting of people with different IT competences who have direct contact with the Incident Manager (IM) who can handle any measures needed to handle the threat immediately.
IRT is tasked with, among other things:
- Receiving information about internal and external threats relating to IT security.
- Being contact organisation for other organisations in connection to national threats.
- Investigating reported IT security cases.
- Functioning as receiving organisation for investigations concerning IT security.
- Carrying out analyses of identified incidents on a regular basis.
- On request, providing decision basis data concerning IT security.
Report a suspected threat to IT security by emailing the IRT team on email@example.com
Contact person for IRT is the safety coordinator.
In case you feel uncertain, always contact our support for guidance.