IT security at Linnaeus University
The IT security work is carried out in close collaboration with the university’s information security work. Somewhat simplified, one can say that IT security constitutes a sub-area of the work with information security. Our work with IT security focuses on technical solutions and making sure that we reach the desired level of information security with the support these.
The ambition for the work with IT security at Linnaeus University is to maintain desired confidentiality, correctness and accessibility of the university’s information assets. Information assets include both the information itself and the resources used to handle the information. Thus, information security and IT security is not only about securing information systems. Also other resources, not least the capability and knowledge of individuals, are important components of the concepts information and IT security.
In our information society where greater quantities of information than ever are being processed, stored, communicated and multiplied, more is required from the end user. At individual level, this often means that working life and private life blends together.
We work proactively to support the users in their work practice. This work ranges from mediating a sound security culture to the users to maintaining a good security level in our IT systems.
The work at the university is based on the standards and ordinances that apply for Swedish authorities, among others, ISO27000 Ledningssystem för informationssäkerhet (LIS) and MSBFS 2016:1 föreskrifter och allmänna råd om statliga myndigheters informationssäkerhet.
More information about our work with information security can be found on: https://lnu.se/medarbetare/anstalld-vid-lnu/kris-och-sakerhet/sakerhet/informationssakerhet/
Organisation plan for the information security work:
Information about the IT Office and its services: https://lnu.se/medarbetare/organisation/it/
Incident Response Team (IRT)
Incidents that can constitute a threat to the IT security at Linnaeus University are handled by the IRT group, to which members of staff and students can report isolated incidents. IRT is a team consisting of people with different IT competences who have direct contact with the Incident Manager (IM) who can handle any measures needed to handle the threat immediately.
IRT is tasked with, among other things:
- Receiving information about internal and external threats relating to IT security.
- Being contact organisation for other organisations in connection to national threats.
- Investigating reported IT security cases.
- Functioning as receiving organisation for investigations concerning IT security.
- Carrying out analyses of identified incidents on a regular basis.
- On request, providing decision basis data concerning IT security.
Report a suspected threat to IT security by emailing the IRT team on email@example.com
Contact person for IRT is the safety coordinator.
In case you feel uncertain, always contact our support for guidance.
Never give away your password – think twice before you log on to a website!
Phishing is a method used to trick people into giving away important personal information, often passwords. Lnu frequently receives phishing emails and quite often someone is deceived. Phishing emails often request that you click on a link to a web page, where you are told to enter your username and password. Even though this website may look like an Lnu site, it is not. Furthermore, you are often told that it is urgent that you follow instructions and quite often you are threatened with your email account being disabled if you do not follow the instructions.
Please keep in mind:
- To enter your password on a website is the same thing as giving away your password.
- IT Office will NEVER ask for your password!
- IT Office will NEVER request that you click on a link in order to verify your user account or email account!
- IT Office will NEVER threaten with your account being blocked if you do not click on a link and enter your password, or if you fail to login!
If you have clicked on a link in a phishing email and entered your username and password, it is of utmost importance that you change your password as soon as possible. Otherwise, at best, your account will be used to send spam emails and your inbox will be filled with "Delivery failure" emails. At worst, the account information can be used to access all data on your P: as well as all the data on S: to which you have access.
You can change your password either on the website https://konto.lnu.se/losenord/byta or on a Lnu computer.
Some examples of phishing emails:
- The size of your mailbox has exceeded the limit and your email will be blocked if you do not click here...
- Because of security updates you need to log on to your webmail or it will be blocked, click here...
- A third party has tried to log on to your account and you now have limited access to your webmail. To reactivate, click here...
If you have any questions feel free to contact the IT Office.