IT security permeates all digital tools you use at work. This page gathers the information about IT security that is important for each user to know. The checklist below provides advice on what you can do to protect yourself.
Checklist for IT and information security
- Keep your passwords, computer and phone to yourself.
- Lock your computer when leaving it making sure your password is needed to access it.
- Make sure you back up your data and install antivirus software and available updates on your computers and mobile devices. Old versions of software may have security vulnerabilities. The client management provided by Umeå University is recommended.
- Think about where you are and who is around you when you process information, whether in conversation, printouts or on screen.
- Only use IT services that are approved from an information security and personal data perspective. Services procured and provided by the IT Office fulfil such requirements.
- Be alert to attempts to trick you into divulging personal information via fraudulent emails or online forms – so-called phishing. The University's IT staff will never ask you for your password in an email.
- Never store personal data or other sensitive information in cloud servers and never send sensitive information by email.
- Exercise good judgement when online. A single visit to a certain website may be enough to infect your computer or mobile device with malware. Report any incidents to firstname.lastname@example.org – they will also be happy to offer advice and support.
- Notify the University's data protection officer if you are processing personal data email@example.com.
- Ensure that information that needs to be kept is registered in the archives. Prepare for archiving as soon as you start collecting data.
- Read and approve the rules regulating what rights and obligations you have as a user of these services. This normally takes place when you are employed and receive your login credentials.
Learn more about IT security
The Swedish Civil Contingencies Agency is a public authority responsible for supporting society to prepare for accidents, crises and civil defence.
Computer Security Resource Center (CSRC) is an American government institution in cybersecurity and information security.
SANS is an institute conducting global research and training in information security and certification.
Umeå University's IT security plan states the objectives and guidelines for IT security at Umeå University.