Home » Services and Admin » ICT Service » Security

Information Security

We live in a data-driven world. Almost every transaction and interaction you have with most organisations involves sharing data including your personal data.

Sharing data helps make life easier, more convenient and connected. However, cyber threats put at risk our digital identity, the security of our devices and the data we exchange using Apps such as email and cloud storage.

We aim to build a culture of security awareness within our Institute to increase the protection against cyber-attacks. 


Cyber threats

Today's attackers are more sophisticated and organized than in the past. They often have specific financial and strategic goals. They are interested in stealing research and information, financial accounts, and private data. Hackers are motivated by financial gain, espionage or the intent to leverage a particular business or position. The most common cyber threats include phishing attacks that target the whole organisation or specific groups, and impersonation attacks; malware delivered through attachments, URL links and Adware injected with malicious code; credential stealing and identity theft conducted by taking advantage of weak passwords. 

All information you work with has value

  • Think before you take it out of the office
  • Think before leaving it unattended
  • Dispose of it carefully
  • Be careful about working on confidential information in public spaces

Keep system updated

Apply security patches when released and apply monthly patches (i.e. Microsoft releases patches on the 2nd Tuesday of each month). Many malware infections result from the exploitation of bugs in software (web browsers, operating systems, common tools, etc.). Updating your software regularly helps to keep your devices and files safe.

Backup data

Data backup will help you to recover data. In case your laptop is lost or stolen, or malware or crypto locker delete or encrypt your data, you will still be able to access your personal files (pictures, personal data, contact lists, etc.) from another computer. There are a number of solutions available including copying data onto a removable hard disk, or synchronising local data storage with OneDrive personal cloud storage.

Use Antimalware software

Protect your device by running Antimalware software such as Windows Defender (Win10) or select one of the off-the-shelf products available on the market (i.e. Norton by Symantec, TrendMicro, Kaspersky, McAfee, Bitdefender ...). New-generation antimalware products have increased their capabilities to detect and remediate cyber threats by applying Artificial Intelligence and Machine Learning capabilities.

We ask for your collaboration to promptly communicate threats.

 

Report a problem


Office hours and outside office hours visit the  EUI Helpdesk website

  • In case of phishing, just forward the email to [email protected]
  • Send an email to  [email protected] in case of major issues concerning hacking activities also during EUI closure

 

Report a cyber-crime or an online fraud


  • Contact the local police authorities when your personal devices, bank account, non-EUI email address have been involved (i.e. banking Trojan, social media accounts, identity theft, non-EUI account compromised, etc.).
  • If you are a victim of Ransomware, report it immediately to your local police and the payment processor involved (i.e. bank or credit card company). You may consult the site  No More Ransom to check whether you have been infected with one of the Ransomware variants for which there are decryption tools available free of charge.
  • Send an email to  [email protected] in case of cyber-crime or online fraud occurring in the workplace using EUI equipment and/or digital resources.

 

Phishing

The technique of phishing is used to steal users' sensitive personal information for the attacker's gain. Through fake emails, they try to fool you into revealing your passwords or credit card data or downloading a computer virus.

Protect yourself:

  • Never answer email requests for passwords, security codes, pin codes, etc.
  • Only open email attachments sent by addresses you trust
  • Be suspicious of any email that requires 'Immediate action'
  • Don't trust emails with a general address, such as 'Dear Customer' or 'Dear Sir or Madam'
  • Be suspicious of any email with grammar or spelling mistakes
  • Don't trust emails that come from someone you know, but from an unusual email address
  • Is there a link? Hover your mouse over it and discover the true destination of the link 

If you encounter a phishing attempt ... Stop. Don't click on any links. Don't open any attachments. Just forward the email to  [email protected] and we'll investigate it.

If you want to know more on this topic, contact the EUI Help Desk or your local User Support.

 

Malware

The word Malware is derived from the term 'Malicious Software'. Any piece of software that performs undesirable operations such as data theft or some other type of computer compromise can be categorised as Malware. The main types of Malware are: Trojans, Viruses, Worms, and Spyware. The symptoms caused by these different types of malware may sometimes be similar. However, they mainly differ in the way they spread and infect systems.

There are many precautions that one could adopt that will greatly increase a user's protection from a wide range of malware:

  • Since many different types of malware take advantage of OS and software vulnerabilities it is important to keep software and operating systems up to date with the latest vulnerability patches.
  • Use anti-malware and firewall software to protect your systems.
  • Keep anti-malware software up to date with the latest malware definitions.
  • Do not download files, programs, attachments, etc. when you are not sure of what the content or original source might be.
  • Only use legitimate sources of software and data. 

 

Computing Account Compromised

If you suspect that your account has been compromised because you have clicked on a link in a phishing email or your account has been blocked, please change your password immediately and report to the Help Desk.

 

Password Change

Follow the guidelines in the Strong Password Policy such as "... passwords must be 8-16 characters long and may contain only the following characters: A-Z, a-z, 0-9, ! % - _ + = [ ] { } : , . ? < > ( ) ;". 

For instructions on how to change your password, see Password Portal.

Passwords can be reset here.

 

Additional Information

 

 

Page last updated on 18 December 2018