Responsibilities regarding information security

Everyone is responsible for maintaining information security. As a member of the university community, you are required to follow the terms of use and information security instructions approved by the university’s management (more information in the chapter Information Security).
In all problems related to information security, contact the helpdesk without delay. Call +358 (0)2 941 55555 or send e-mail to helpdesk@helsinki.fi.

Adhering to the terms of use

When you get access rights, you sign a contract and agree to use the university systems and equipment according to the rules and instructions provided. Rules concerning the use of information technology can be found in the terms of use. Separate instructions and rules apply to some IT services, such as the Office 365 system. The terms of use apply to all operations using the university user account or in the university network. Read the terms of use and remember that you are expected to follow them without separately being told to do so or being notified! The terms of use are based on three general principles:

1. Give everyone the opportunity for appropriate use

In principle, your user account is primarily intended to support your studies and not for hobbies or leisure use, for instance. A reasonable amount of use for own purposes is of course allowed. However, it is forbidden to use the university’s systems for all kinds of commercial or political purposes. Your user account is yours alone. You are not allowed to let anyone else use it nor let anyone else use the university’s services with your credentials.

You could consider the situation from this point of view: Even if you are an individual user, your acts influence, directly or indirectly, how the entire system works. The university is full of individual users and everyone’s actions count.

Immanuel Kant’s categorical imperative is a good guideline for the shared use of IT systems, too: “Act only according to that maxim whereby you can, at the same time, will that it should become a universal law”.

2. Do not cause harm to others

A user may cause harm to other users either on purpose or because of thoughtlessness. A very small number of users cause harm to others on purpose, but the harm caused by even one user’s thoughtlessness may be just as harmful as anything done on purpose. Answering the phone in a space where others work, for example, will surely disturb others, so take your calls elsewhere.

You may also cause harm to others by booking a group work room just for yourself for long periods of time or by using a university computer for something that is not connected with your studies (such as playing a game or browsing Facebook).

Likewise, you must honour mailing lists: a subject association list, for example, may have hundreds of recipients, so think carefully what you post and where you post it.

The above also applies to the private use of the University of Helsinki’s services. Using storage space, e-mail and other services for your own, non-university-related purposes is allowed provided that it does not impact other use of the system negatively!

3. Respect the privacy of others

Naturally, other users’ private matters are no concern of anyone else, and hacking into e-mail or another user’s home directory are forbidden in Finnish law. You may, however, sometimes find a computer where the previous user has forgotten to log out. In this case, immediately log the previous user out and then log in with your own credentials before you start working. Remember that using someone else’s user account is automatically a breach of the terms of use, and depending on the case, it may also be considered a criminal offence.

Instructions and restrictions related to the terms of use:
– Do not disturb other users.
– Logging in to the system with the wrong user account and exceeding the permissions of one’s own account (or attempting it) are forbidden.
– Never, under any circumstances, disclose your passwords to anyone else.
– Trying to find and use any information security weaknesses is forbidden.
– Hacking or attempting to hack into systems is forbidden.
– Do not send inappropriate mass e-mails, chain letters or computer viruses.
– Copying, possessing or distributing programs or files without authorisation is forbidden, as is storing illegal copies in the University of Helsinki’s systems.

The terms of use provide details on misuse and its consequences. In cases of misuse, the university’s own investigation and restriction actions are applied primarily. A user account may be closed, for example, if reasons exist to suspect misuse or risk to information security. In serious cases, the university may present the matter to the authorities.