Log an issue about information security and data protection

Report security breach 

Confidentiality: prevents unauthorised access to sensitive or protected information.

Integrity: prevents unintended alteration, destruction or manipulation of information.

Availability: ensures users get access to information when needed.

Incidents that lead to a breach of confidentiality could for example be the publication of confidential information on a website, while a breach of integrity may occur if the same data is altered in unintended ways by unauthorised people. Incidents that create a breach of availability could be that employees are unable to access the information they need because the computer systems are down.

The importance of reporting security incidents

In the event of security breaches and other security incidents or suspicions of such, all employees and students are required to report this. Immediate measures will be implemented if possible to prevent the incident from taking place. If the incident has already taken place, measures to reduce the damage will be implemented. All reported security breaches, current threats, vulnerabilities and incidents provide valuable information to those responsible for cyber security at UiA. The information allows us to get a comprehensive overview of the state of security at UiA, and also helps us improve our security and threat  prevention in a holistic and appropriate manner.

Who receives the report?

UiA has a separate Incident Response Team (IRT).

IRT at UiA coordinates and manages ICT security incidents and personal data breaches. The unit is dedicated to ICT security and ICT incident management. IRT provides support and is a collaboration partner in the event of security breaches/discrepancies or security incidents.

<

Suspicious emails

Please report any suspicious email! Forward such emails to spam@uia.no.

Information about security in the higher education sector can be found at https://www.sikresiden.no/en

Examples of incidents that should be reported:

• Breaches of UiA's information security policy or IT regulations  
• Violations of Norwegian laws and regulations
• Sensitive or protected information has fallen into the wrong hands
• Breaches of the Personal Data Act         
• Breaches, or suspected breaches, to the confidentiality or integrity of sensitive or protected information
• Threatening incidents targeting cyber security

Obligations as students and employees

Being a student or employee at UiA means that you have access to the university's IT services and that you process data. All students and employees at UiA are obliged to comply with laws and regulations as well as the university's own policies, procedures and guidelines.

Data protection and privacy

UiA processes a range of information about students, employees and external parties. The Personal Data Act sets the requirements for how this should be done. Requirements are placed on all who come into contact with personal data, and the systems that process such information.

Procedure for sending sensitive information

Important information that is not personal is also produced and stored. Many of the same security safeguards also apply to such information. The regulations therefore cover information security in general as well as personal data in particular.

Files containing sensitive information must sometimes be sent digitally, then it is very important to think about encryption and security. We therefore ask you to follow the procedure for secure sending of data when you send personal information digitally.

More information about security can be found at sikresiden.no/en. This site provides information on how you can prevent risks, but also what to do if incidents do occur.

Courses and training

Sikresiden.no/en is a web app which offers brief e-learning sessions on important safety and security issues, as well as guidance on what to do in an emergency. Sikresiden.no is specially adapted for students and staff at universities and university colleges.