- Report the incident as soon as possible, contacting the ITO in the following order:
- IT Helpdesk, +372 737 5500;
- Chief Information Security Officer Risto Rahu, +372 5305 5032;
- Head of Infrastructure Erkki Kukk, +372 521 3503;
|
| 3 | Rules and requirements | |
| 4 | Data security | - Be aware of data you hold in connection with your duties and ensure the security of data.
- Store university data only on university servers and information systems
- If the data given to you to perform a task are no longer needed, delete them from your computer.
|
| 5 | Computer security | - When you leave your computer, lock the screen. For Windows PC, hold down the Windows key and tap on the L key.
- Make sure that a security software (Symantex Endpoint Protection) is used and running on your work computer and the latest versions of web browsers have been installed. If necessary, ask for advice from IT Helpdesk.
- Avoid using public (unencrypted) Wi-Fi connection in your laptop, or if it is necessary, use a VPN connection.
- If you work in a place where other people can see what is on your computer screen, we recommend using a privacy filter on your screen.
- If possible, use data (disk) encryption on laptop and smart devices.
- Never leave your laptop unattended or in an unlocked room outside the office. If the device is stolen, immediately inform IT Helpdesk and change your password as soon as possible for security reasons.
- If you suspect that you may have run a program or opened a document containing malware (unusual error message, disturbing ads, etc.), contact IT Helpdesk immediately.
|
| 6 | Teleworking from a personally owed equipment | - Make sure your personal device uses secure and up-to-date software. Update the software if necessary. See also recommendations in section 4!
- Use web-based (cloud-based) software solutions offered by UT to process work-related information
- Do not keep work information on a personal device for longer than necessary for remote work.
|
| 7 | E-mail security | - Use the university's e-mail address for research and teaching.
- When you send an e-mail, select the recipients carefully – check whether all recipients need to be involved (especially when you reply to an e-mail) and whether the recipients' e-mail addresses are correct.
- If you receive an e-mail from a person or a company you do not know, use caution when opening attachments and web links in the message. If necessary, consult IT Helpdesk.
- If you receive an e-mail which tells you to update your password, be careful and, if necessary, consult IT Helpdesk.
- If you have opened a suspicious link, immediately contact IT Helpdesk.
- To protect your account, please enable 2-step verification (2FA)
- instructions can be found here Kaheastmelise autentimise aktiveerimine Microsoft 365-s
|
| 8 | Recommendations for securing cloud-based video conferencing and video lectures | - The cloud-based service uses third-party hardware and software and service is provided to end users under a contract or partnership agreement.
- Many free services contain advertisements or transfer personal information for sale to third parties.
- Many video conferencing and video lecture solutions are still under development and often contain security flaws. Software is being developed, but older versions may contain dangerous security issues that have been exploited by malicious people.
- Counterfeit software packages based on a number of well-known software programs, which contain malware added by criminals in addition to the original software, have become widespread on the Internet.
Security recommendations - If your scheduled video meeting or video lecture contains sensitive information that should cause significant harm to the public, review the cloud-based service agreement or collaboration agreement and assess the potential risks. If in doubt, seek advice from IT Helpdesk!
- If possible,
|
