Security connected to the computer systems at NTNU.
Table of Contents [-]
- Read the IT regulations
- You are not anonymous!
- File permissions
- Security at your workstation
- Secure your computer
- Report data security violations
- Suspicious email.
- See also
Norsk versjon - IT-sikkerhet
Read the IT regulations #
Before you begin to use NTNU's computer systems, you need to read the university's IT regulations.
You are not anonymous! #
You are not anonymous when you are using NTNU's network. The university keeps logs with information on computer activity, which can be used to investigate regulation violations or computer hacking. You can read more about logging at this page.
You should have a secure password, mainly to prevent other people from gaining access to your files and to prevent unauthorized people from getting into NTNU's computer system. Most break-ins happen when the intruder randomly chooses your (poorly protected) account to gain access, and then gets into the system from there. Strong passwords help prevent break-ins.
You are not allowed to share your password. If someone offers to help you and wants your password to fix something, just say no. Instead, go to Orakel Support Services to get help. NTNU's operations division or Orakel will never ask for your password on the telephone or by email.
Good password practices #
You should change your password roughly once a semester, which is best done after holiday breaks. Under the IT regulations, you are required to change your password if you know or suspect that someone else knows or has gotten your password.
Reuse of your password #
Don't use your NTNU password for web-based services such as Facebook, Hotmail, Google, Amazon, and similar services. It is a good idea to have different passwords for different systems and computers to minimize the amount of damage that can be done if someone gets a hold of one of your passwords.
Saving your password #
Many email programs allow you to save your password so that you don't have to sign in every time you want to read your email. This can be risky, because the password will likely be saved on that particular computer, which will make it available to anyone who uses the computer after you.
A number of webmail services, such as Hotmail, offer to check your mail on your NTNU account. You should absolutely not enter your password there, because it will be very easy to find and misuse if an intruder gets into Hotmail's server.
Break-ins to NTNU's computer systems cost the university a great deal of time and money every year. By having a strong password, you can reduce the risk of break-ins. That frees us to use resources to develop offerings for you and your fellow students.
File permissions #
In UNIX, which is used on all file servers for stud.ntnu.no, files can be protected to prevent unauthorized people from reading them, writing into them or searching for them. You can read about file permissions to determine if and how you want to give your files additional protection.
Security at your workstation #
Anything that you save on your local hard drive stays there and is available to anyone who uses that computer after you. You should instead save your private files on your home directory.
Remember to screenlock your computer if you plan to leave it for a while. Consider logging out if your machine does not have a locking function. If you are using a terminal you have to log completely out. If you lock the terminal locally, your password will not unlock it. Instead, you will need a password that users generally do not know. If this happens, you will have to restart the computer to work again. These computer labs are available for everyone.
Secure your computer #
Security for your computer is becoming more and more important. An increase in viruses and other forms of abuse are becoming more and more common, and it is therefore important to look into ways of protecting your computer.
You should install a firewall. Find out what's out there for your operating system and install one you like. Note that Windows XP/2000 (Service Pack 2 or higher), Server 2003, Windows Vista, Windows 7 and Windows 8 all have a built-in firewall that is automatically activated. NTNU also has a license for a firewall from F-Secure. You can find this under the Software distributor Progdist. Read more about how you can download software for students or employees.
Automatic update #
Be sure to download security updates automatically, most operating systems can be set to do this.
Install an antivirus program and make sure it's always updated with the newest virus definitions.
Note: Never install more than one antivirus on your computer.
Software can be downloaded to your computer without your knowledge, often as hidden attachments to software you download yourself. These are called Spyware or Adware, and are a rising issue. Spyware is not only very annoying, but can also be harmful for your computer. Download one or more anti-spyware program and make sure to keep it updated.
There are many alternatives for Windows users, but we recommend Malwarebytes.
Report data security violations #
Report security violations to the sentral security reception.
Contact NTNU SOC: email@example.com
Urgent messages: Messages about severe IT security matters can be reported by phone.
Orakel Support Services: (735) 91500 (8:00 - 16:00) - (Mon - Fri)
Night watch: (735) 97002 (24/7) - This number is ment for IT-personnel only.
Suspicious email. #
If you notice an email that looks suspicious, it is important to let us know. If you are using Outlook, there are a few extra steps you must take that make sure we get the critical information we need. Create a new email, select "Attach Item" , "Outlook Item" and select the suspicious email. Then send this to firstname.lastname@example.org. Do not hessitate, it can make a big difference.
Learn more about how to secure email here:
See also #
For general support regarding IT or Information Security contact Digital Security Division at email@example.com