Information Security

We take information security and user safety very seriously. This page outlines how you can report security incidents you encounter using UNU’s ICT services.

The CIA Triad: Cornerstones of InfoSec

At the heart of information security lies the CIA triad:

  • Confidentiality: Ensures only authorized individuals can access your information.
  • Integrity: Guarantees the accuracy and completeness of your information.
  • Availability: Makes sure your information is accessible when needed.

Report a security incident

Reporting a Security Incident

If you suspect that your information security has been compromised, it’s crucial to report it immediately. The specific procedure might vary depending on the situation, but generally:

  • Identify the incident: What happened? Was it a lost device, data breach, a suspicious email, or unauthorized access to an account?
  • Gather details: Collect any relevant information about the incident, such as timestamps, error messages, or suspicious email content.
  • Report the incident: Contact the UNU Helpdesk.
  • Follow instructions: Cooperate with the investigation and follow the recommended steps to secure your information.

Report abuse

Abuse can encompass a wide range of activities that violate our Terms of Use or Acceptable Use Policy. Here are some examples:

  • Harassment or bullying: This includes sending threatening or offensive messages, stalking, or any behavior that creates a hostile environment for others.
  • Hate speech: Content that attacks a person or group on the basis of attributes like race, religion, ethnic origin, national origin, sex, disability, sexual orientation, or gender identity is strictly prohibited.
  • Spam: Unsolicited bulk messages or commercial advertising is not allowed.
  • Phishing attempts: Any attempt to trick users into revealing personal information or clicking on malicious links.
  • Malware distribution: Sharing content that contains viruses, spyware, or other malicious software.
  • Copyright or trademark infringement: Using content without the owner’s permission.
  • Fake accounts: Impersonating another person or creating misleading accounts.
  • DDoS attacks: Deliberately overloading our systems with traffic to disrupt service.

How to Report Abuse

We offer several ways to report abuse:

  • Email/Web: Contact UNU Helpdesk.
  • Contact Form: Use our dedicated contact form for reporting abuse.

What information should you include in your report?

The more information you provide, the better we can investigate and address the issue. Please include the following details in your report:

  • Description of the abuse: Explain what happened in clear and concise language.
  • Date and time: When did the abuse occur?
  • Screenshots: Include relevant screenshots if possible. This could be the abusive content, user profile, or chat conversation.
  • Links (if applicable): Provide links to the specific content or user profile you are reporting.
  • Contact information: While optional, providing your contact information allows us to follow up with you if needed.

Report a stolen or lost item

Losing or having an item stolen can compromise your information security. Here’s what to do:

  • Report the Loss/Theft: File a police report for stolen items. Notify the relevant authorities like your bank or credit card company for lost cards.
  • Report the Incident: Contact the UNU Helpdesk.
  • Change Credentials: Update passwords for any accounts accessed from the lost/stolen item.

How to avoid being phished

Phishing emails are deceptive attempts to steal your personal information. Here’s how to avoid being phished:

  • Scrutinize Sender Addresses: Don’t trust emails seemingly from legitimate sources without verifying the email address.
  • Beware of Urgent Requests: Phishing emails often create a sense of urgency to pressure you into clicking malicious links.
  • Hover Over Links (Without Clicking): Check the true destination of a link before clicking by hovering your mouse over it.
  • Never Share Sensitive Information via Email: Legitimate organizations won’t ask for passwords or other sensitive data through email.
  • Report Phishing Attempts: Forward suspicious emails via ‘Report Phishing’ in Outlook for further investigation.

Think before you click – Following these guidelines and staying vigilant can significantly enhance your information security posture. Remember, a well-informed user is a powerful defense against security threats.