Information Security

Dansk

 Information Security Rules on use of internet and e-mail

Internet and email

RULE: Use of internet

You can freely use the university's internet connection for work or study-related purposes. You are also allowed to use the internet connection for private purposes. 

  • Use of the internet must not be for an illegal act or be detrimental to the university's reputation.
  • AU may carry out random checks to prevent misuse of the internet and AU reserves the right to block user accounts and disconnect users' computers if this is deemed necessary to maintain security or operations.

RULE: Use of e-mail

The university makes an email and calendar account available to all permanent employees. The account is primarily intended for use in your work, but can also be used privately.

  • However, activities must not be illegal or of a commercial nature and must not be detrimental to AU's reputation.
  • As a general rule, the content of your email account belongs to Aarhus University.

For students

As a student, you will also be given a email address at which you will receive official announcements from Aarhus University, and you can also use the account for private purposes.

  • The same rule applies to students: Activities must not be illegal or of a commercial nature and must not be detrimental to AU's reputation.

TIP: Use your common sense online

The internet is huge, and cyber criminals work globally. Therefore, be vigilant and use your common sense when you are online.

  • If you see something - say something. If you experience a security breach, or if you are in doubt as to whether your IT security has been compromised, please report it immediately – it’s better to report an incident once too often than once too little.

See more under Rules in the event of a security breach.

You are allowed to download files and programs for work purposes, and to a reasonable extent for private use – also on devices provided by AU.

Viruses may be hidden in programs that you download.

  • Be careful about which files and programs you download. And whether you trust the website you download from.

If you are unsure about downloads, please contact your local IT support team.

TIP: Create af folder for personal e-mails

If you use your AU email for private purposes, it is a good idea to store your private correspondence in a separate folder called "Private". When an employee leaves AU managers are not allowed to read mails marked as private.

TIP: Spot a phishing email

Phishing emails often have specific characteristics. Here are some of them.

Keep your NemID and passwords to yourself

  • Aarhus University, Nets and other legitimate banks, companies and government authorities will never ask you for your personal passwords, NemID code card or the like. If you receive a request to provide this kind of information, do not respond. 

Be careful about clicking links in mails and text messages

  • Scammers are good at making mails and text messages look genuine. If you are in doubt, check the official website of the sender.

Look for clues that unmask a scammer

  • Cybercriminals will try to entice you to click links or open attached files. But there are a number of clues that will reveal these fakes: If you hover the mouse over a link in a mail, you can see where the link will take you if you click it. Instead of clicking the direct link to the sender’s website, find the official website online and use the search function to see if you can find the same content.

Check the sender

  • When you receive an email, hover your cursor over the sender's name to see the email address.
  • If you suspect that the sender of an email might be a scammer, do an internet search and check the email address or telephone number to make sure the information is correct. Or contact the company or government authority via their official website or telephone number and confirm that the email is genuine.
  • Phishing emails can also be 'disguised’ as internal emails. Scammers can easily create email addresses that resemble AU email addresses. Be aware of slight spelling errors in the name of the email domain, i.e. what comes after @. For example, '@uniau.dk' instead of '@au.dk'.  

Count to ten before you click

  • Scammers often try to get you to act quickly. If you get an unsolicited mail or text message, it’s a good idea not to respond immediately: wait until you have time to think twice before you answer.

See also guidelines on how to report phishing emails in Outlook

Revised 01.02.2023
-
Informationssikkerhed