You are here: Information Security Tips on how to keep information secure

Tips on how to keep information secure

Here is a checklist that you can use as a tool to ensure that the data you are working with is processed securely. 

According to the Danish Defence Intelligence Service, cyber-attacks and the associated risk of having information stolen are considered to be one of the greatest threats facing Denmark. Information security is not just a technical challenge; it is also about how you act when handling information.   

AU is a knowledge organisation, and information is many different things to many different people: information may be physical or electronic, and may relate to research data, employment conditions, cleaning rotas, travel expense reports, business agreements etc. Regardless of the information in question, information security fundamentally focuses on three aspects: confidentiality, integrity and accessibility.


1. Do you remember to lock your computer when you leave it?

It is important that you lock your computer when you leave it.

When you log on to your computer, you will have access to certain resources depending on who you are. If you leave your computer unlocked, other people can use it without your consent. This means that they may able to see and edit information in your name that only you should be able to see and edit. 

If you are in doubt about how to lock your computer, you can find a guide for Windows, Mac and Linux.

2. Do you find it hard to remember your password?

There are basically two ways in which an IT criminal can access a password and your data: by asking for it or by attempting to access it.

In order to make it more difficult for an IT criminal to access passwords and data, AU places certain requirements on the length and complexity of passwords for, for example, AU computers and the university’s IT systems. See the password rules. In addition, passwords must be changed at regular intervals.


Do you find it hard to remember your passwords? 

It can be difficult to remember long passwords. AU IT recommends that you use sentences or passphrases to help you remember your passwords. 

Find tips on how to use sentences or passphrases to remember passwords

You can also use a Password Manager, which is a program that allows you to save your usernames/passwords in a secure manner. AU IT does not currently recommend a specific Password Manager and, consequently, the IT support team does not usually provide support related to Password Managers.  


Avoid reusing your passwords 

It is important that you do not reuse your AU password(s) for third-party systems, such as websites and online banking. This is because reusing the same password increases the risk of the password being compromised.  


Suspected misuse

If you suspect that your password has been compromised, you must change your password immediately. See how to change your password


Need help?

If you have any questions about passwords, please contact your local IT support team or write to informationssikkerhed@au.dk. 

3. Are all your devices, such as your smartphone and computer, updated?

Hackers exploit security vulnerabilities in programs, apps and operating systems, and you must therefore make sure that they are kept up to date.

Computers

All AU computers (PCs and Macs) are updated automatically. However, you are responsible for updating the programs you have installed yourself and the browsers you use.

Linux users need to update their computers themselves. 

Smartphones/tablets

If you have an AU smartphone and/or tablet, you must update the operating system and apps yourself. AU IT is working on a solution where AU smartphones/tablets will be updated automatically. 


Need help?

If you have any questions about updates, please contact your local IT support team. 

4. Do you remember to back up your data?

If you use AU’s network drive (U), shared drive/folder (O) or AU’s SharePoint solution, you do not have to worry about back-ups as this is done automatically. Read more about AU’s data storage solutions. 

There are, of course, situations where data cannot be readily stored on network drives etc., for example when you collect data in the field or while calculations are being made.  In such cases, you should make sure that the data is backed up as soon as possible. In the meantime, AU recommends that you use alternative encrypted back-up options, such as an encrypted USB flash drive. Read more about encryption.  

If you have a special need, for example for very large data volumes, AU IT can help you find a suitable solution. Contact your local IT support team.

5. Do you download programs from the internet?

You are welcome to download files and programs from the internet for work-related use – and, to a reasonable extent, for private use.

You must pay special attention to the trustworthiness of the website you are downloading from. Any number of viruses may be transferred when downloading programs for legitimate use.    


Any questions?

If you have any questions about downloading files and/or programs, please contact your local IT support team.

6. Have you installed antivirus software on your computer?

Antivirus software helps to protect your computer against malicious programs. McAfee antivirus software is installed on all AU computers, and the software is updated automatically. 

If you use private equipment, you must make sure that antivirus software is installed before you connect the equipment to AU’s network. AU IT recommends Windows Defender (for Windows 10+), but you can also find alternatives at https://www.av-test.org.       


Read more

Find more information about antivirus software.

7. Do you make sure that you protect confidential and sensitive personal data?

Personal data is defined as any kind of data which can be used to identify a person. You must process personal data responsibly and with care.  

You can find information about the General Data Protection Regulation (GDPR) and processing of personal data at au.dk/dataprotection, including:


Need help? 

 

If you have any questions or if you need help, you can find a list of contacts here.

8. Do you know what a phishing email typically looks like?

Attempted phishing is when you receive an email in which the sender pretends to be someone else. The purpose of the email is to gain confidential information from you or to trick you into installing malicious programs.

Typical characteristics of a phishing email

  • Requests that you act now – before your account is closed, before the money is withdrawn etc.
  • Requests to disclose confidential information (for example, passwords and username) via a link in the email or by answering the email. 
  • Requests to open attached files.
  • Links which appear to be official or familiar at first glance, but which reveal a different destination when you move your mouse over them.
  • A sender address which, on closer inspection, is revealed not to be official. 
  • For example, Aarhus University <aarhusuniversity12@gmail.com>

If you are in doubt as to whether an email is an attempt at phishing, you should contact your local IT support team. Do not click on attachments or links in suspicious mails.


Read more

Find more information on phishing.

If something goes wrong...

Has your smartphone/laptop been stolen? Have you lost your USB flash drive containing AU data? Have you been hacked? 

An event that leads to AU data being compromised is classified as a security breach. All security breaches must be reported to AU by contacting your local IT support team.

If you know that personal data has been compromised, you can report the security breach to AU’s data protection officer using this form.

1446035 / i40