IT security advice for your everyday life
Here we have collected some items (tips and tricks) that can be good for you to think about in your everyday life. There are also things to keep in mind when traveling.
Some items to keep in mind in your daily work:
- You as an employee must actively work for increased safety, and point out shortcomings you see to your boss. Read more in the information security policy
- Pay extra attention to, and report, irregular functionality and events in IT systems.
- Do not use private equipment for work-related tasks unless it has been agreed and approved by the employer. Also avoid private cloud services.
- Protect your login information and never disclose it. You are personally responsible for the activities performed via your login information.
- Keep track of your cell phone and computer. Lock them if you leave them temporarily. You can easily lock the computer by pressing the Windows key and the letter L (as Locked). Do not leave them unattended in a public place.
- Install security updates on your phone, computer and other devices as soon as possible. New updates often include security updates that reduce the risk of you encountering different types of threats.
- Be attentitioned regarding phishing, malware, password management, fake documents and websites. Think before you click! This applies to both links and attachments and links in your email but also when you surf the internet.
- Be restrictive with unknown wireless networks.
- Never plug in an unknown USB or other unknown external device. These can be infected with viruses that spread automatically when connected.
- Never use the same password at Mid Sweden University as you do privately. We can not review the security of services used privately and lack of security in such services can lead to unauthorized access to passwords used in Mid Sweden University's system.
- Avoid sending sensitive information via e-mail, sending e-mail can be equated with sending a postcard. If the information is required to be sent via e-mail, it must be encrypted. Write #encrypt in the subject line.
- Keep in mind what environment you are in when handling and talking about sensitive information.
Make sure your information is backed up whether it is stored on a desktop or portable device. Contact the help desk for assistance. - When you stop using removable storage media, keep in mind that it must be cleaned safely.
- If you are going to travel, and bring a mobile device, there are a number of things you should think about before, during and after the trip, see the list below.
Travel security for mobile devices
Before the trip
- If you travel abroad and have a Smartphone, download the app "UD Resklar" and take part of information available about the country you are visiting. Alternatively, take part in information about the country on the Ministry of Foreign Affairs' website. Follow the Foreign Ministry's recommendations.
- Information that is stored at home in a storage solution with high security can be exposed to great risks if you copy it over to a mobile device that you take with you on the trip. Only bring the information you need on the trip
- Using your devices outside of the regular office environment increases the risk of losing them or being exposed to some form of attack. Bring only the devices you really need
- Make sure you have access to the university's VPN service. If you do not already have it - see instructions on the employee pages that show how to access the service
- Update the software on your devices
- Make sure your devices are equipped / configured with standard security protection (automatic locking, password / PIN code, updated antivirus software, etc.)
- Update yourself on current information about the country that is the subject of your trip. Are there special rules regarding carrying encrypted information? Are there other rules / restrictions? Check with the travel agency and others who have visited the country in question.
During the trip
- Keep an eye on your devices
- If you use your laptop in public environments - beware of visual hacking. Use privacy filters on your screen!
- Avoid connecting your devices to public WiFi networks. You share these networks with strangers, some with dubious purposes. Some networks are set up specifically to steal information and spread malicious code
- Connecting to password-protected networks, for example in hotels, can also involve major risks. Be critical of questions asked in connection with connection to the network. If there is access to Eduroam, it is a good alternative. The university's VPN services provide encrypted communication to your resources at the university.
- Disable services that you do not need during the trip (for example, location services and bluetooth).
- If free USB sticks are distributed at the fair or elsewhere, do not use them.
- Use your own charger and cable (do not use USB sockets). In some hotels, chargers and cables may be placed in the rooms, sometimes rigged to plant malicious code in the connected devices.
After the trip
- Run a virus check on the devices you had with you on the trip
- If you had USB sticks with you that were used during the trip, these should also be checked.
- Pay special attention to any phishing attempts that may be related to your stay abroad