Versions Compared

Old Version 21

changes.mady.by.user Unknown User (kimmosv)

Saved on

compared with

New Version Current

changes.mady.by.user Unknown User (kimmosv)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Do not trust in all the emails you receive, especially if the sender is unknown.
  • All messages with a link should be treated with caution, especially if there is something unexpected in their content.
  • Do not send sensitive information via internet without encryption.
  • Save your important files onto net drives.
  • Do not under any circumstances, disclose your user name or password to anyone.
  • Recommended password length is 15 characters long (at least 8 characters), use case-sensitive, numbers and special characters such as: =)?!#

  • Do not use the same password in Metropolia’s services as you use in other services. In the worst case, a data breach that occurs in another service could lead to a data breach in a Metropolia service.

  • Lock your computer whenever you leave the workstation.
  • Do not install your own programs.
  • Do not open doors to strangers.
  • Agree with your supervisor about the usage of files and email accounts, if you plan on being away for a long time.
  • It is forbidden to keep classroom doors open with obstacles. Most doors have an electronic lock that monitors access to the classroom.

...

  • Lock your room when you leave. Do not leave strangers alone in your room or other places.
  • If you are working in customer service, no one should be able to see your screen.
  • Make sure that all doors and windows are locked when you leave the room last. Rooms with electronic devices should always be locked.
  • Find out how to behave and react in case of fire or accident in your working environment.
  • Lock your workstation to prevent unauthorized access. Lock it by pressing the WINDOWS+L buttons. Switch off your computer when you leave for the day. If it is a shared computer, always log off.
  • Keep all of your important electronic storage media and papers safely locked.
  • Pick up your printouts from shared printers and copiers as soon as possible.
  • Please also ensure that printouts containing personal information are properly disposed to security trash bins.
  • Students do not carry any visible IDs, so it is everyone’s duty to check for unauthorized access of school’s premises. Information about trainees should be notified to everyone.
  • Employees have full responsibility of their visitors. They are received and escorted out by the personnel.
  • If a user claims to have forgotten the password or the username is not accepted, teachers or other personnel should not allow access to a workstation they are logged in.

...

  • Your password must be long enough (at least 8 characters) and difficult to guess. Do not disclose your password to anyone; you are the one responsible for how it is used. Change your password at least once every 4 when needed, for example every 12 months, in case the network system is not programmed to do so. A user group is responsible for their common user account.
  • Strangers without user accounts are not allowed to use the computers and other devices.
  • The supervisor is responsible for ensuring that any special privileges of a software will be given to the right people. The administrator will perform the necessary changes according to each worker’s needs, in order to limit access to a program’s features.
  • In case of forgotten password, you will need to prove your identity before you get a new one.
  • Do not disclose your password over the phone or by email to Helpdesk; not even administrators need to know it.
  • User accounts are activated when your contract starts and terminated when it finishes.
  • Installation of own programs is not advisable. The IT department has the right and duty to remove or block the usage of user installed programs, when there is an impact to a workstation’s performance, without informing the user.
  • Make sure that the workstation’s antivirus is on and up-to-date. There are malicious programs designed specifically to target antivirus and protection suites.
  • Use encryption programs for your disks and memory sticks when you access them from non-trusted or common-use computers.
  • Delete obsolete files your computer’s local disk and net drives.
  • Clean up your email frequently.
  • Sensitive information should be kept in local disks or external memories for as little time as possible, or until a certain task is completed, after which the data must be erased.
  • Remember to save your current work frequently onto your home drive and take advantage of automatic saving options.
  • Close open programs when you are away from your workstation for a long time.
  • Do not unplug computers and peripheral devices without asking IT services for advice.
  • It is IT services’ responsibility to take frequent backups of the net drives (including home drive). Work related files are to be saved in your home drive. Users are responsible for the files saved on local disks and their frequent backup.
  • All incoming and outgoing mail is checked for viruses and junk mail is filtered out. Some junk mail still manages to pass due to new technics developed by the senders. The filtering process is constantly developed.
  • Workstations come pre-installed with remote access software. Prior to the connection, the users are asked if they wish to allow or deny the remote access, unless it is a classroom computer.

...

  • Laptops are meant for work use only by the school’s personnel. Only authorized personnel are allowed to use them.
  • It is not allowed to connect laptops that are not managed by the school’s IT services to the wired network. Use always WLAN where it is available.
  • It is not allowed to alter or modify a computer’s hardware/software configuration or settings. It is forbidden to modify any kind of security settings.
  • Never leave your laptop unattended or visible in a car or exposed place, even if it is for a short period of time.
  • Laptops should be connected to our school’s network regularly or every fortnight to receive the necessary antivirus and security updates.
  • When wireless services (WLAN and Bluetooth) are not needed or in use, switch them off. Same rule applies to mobile phones that these features are available. In Nokia phones, one can switch Bluetooth off by pressing * for 2-3 seconds.

5. Internet

  • The internet connection is to be used for work and/or study related purposes, as agreed with the employer.
  • The internet connection is secured by a firewall. Data traffic and server logs are monitored to ensure that no violation occurs according to the law of Protection of Privacy, systems and their security settings are secure, services are not misused and for technical development and troubleshooting.
  • Do not download from the internet non-work related programs or materials.
  • If you suspect that a system is hacked or any kind of security breach change your Metropolia password immediately and contact the HelpDesk telephone service Tel. 09 7424 5000. The password can be changed online with a strong identification at; https://salasana.metropolia.fi
  • It is forbidden to use without permission the employer’s credit card for online purchases.
  • Keep in mind that you are a representative of your employer, whenever you access the internet. Your computer’s IP address that is transmitted onto the internet is registered to Metropolia.
  • Clean up your browser’s cookies frequently.
  • Use of the following applications is not permitted due to security risks:
    • Downloaded screensavers that consume a workstation’s resources, such as SETI@home (Search for Extra Terrestrial Intelligence) or similar @home applications.
    • Programs that bypass security protocols and services, such as decryption breaking software.

...

10. Governing Laws

  • Act on Information Management in Public Administration (906/2019)
    • Public administration shall ensure the consistency and quality management of the data and the information security in order to comply with the principle of publicity.
  • Act on the Provision of Digital Services (306/2019)
    • The authority shall design and maintain its digital services in such a way as to ensure their security, data protection, discover ability and ease of use.
    • The authority shall provide everyone with the opportunity to submit electronic messages and documents using digital services or other electronic data transmission methods.
  • Data Protection Act (1050/2018)
    • Personal data processing
    • Registration (Winha, payroll office, )

...