Skip to content
Kaksi henkilöä ja katsovat ulos kuvasta oikealle ja hymyilevät. Toisella on tietokone sylissä ja he istuvat sohvalla.
Home Student pages IT Services for Students Information Security for Students

Information Security for Students

Take care of your digital security during your studies. Information security is an important part of smooth studying. On this page, you will find the key IT rules and instructions for safe use of online services.

Why is information security important?

There are various security threats associated with daily data processing. One serious threat is malware spread through networks and email. They can, for example, steal or destroy your files, transmit your login and password information to the creator of the malware, or slow down the operation of computer networks. Antivirus software cannot protect against all malware, as new ones are constantly emerging. Other serious threats include identity theft and the pursuit of financial gain through the use of user data.

In the era of artificial intelligence (AI), even phishing messages are becoming more credible. In addition, AI applications may collect data without your knowledge.

  • Use common sense and follow instructions to protect your information, workstations, and networks from security threats.
  • Protect not only your own information, but also the information of others that you have in your possession. Information that should be protected from outsiders includes personal and contact information, banking information, health information, and email messages.
  • Utilize multifactor authentication (MFA) when logging in, if possible.

If you have any questions about information security or need help with a security-related situation, please submit a ticket to the Helpdesk.

IT Rules and Student Information Security

  • You log into HAMK systems with a personal username (e.g. amk123456) and password. Treat your username and password with the same care as your bank card and PIN.
  • After receiving a new password from IT support, change it immediately to one that only you know. Change your password frequently and immediately if you suspect it has fallen into someone else’s hands.
  • You are responsible for the use of your account. Do not give your password to anyone else. Even system administrators should not know it. If someone asks for your password, they are undoubtedly up to no good.
  • Choose your password carefully. A good password is one that you can easily remember, but that outsiders cannot break. The password should be at least ten characters long, with both uppercase and lowercase letters, as well as numbers or special characters. Do not use everyday or personally related words as passwords. Avoid writing the password down as it is.
  • Do not use the same password in any service outside of HAMK as in HAMK services, so that cracking the password of an external service does not allow access to HAMK systems.

  • Always log in to the computer with your own credentials. After use, delete any temporary files you may have saved on the computer before logging out.
  • Always lock your computer when you leave it, even if it’s just for a moment (on Windows machines: Win+L). This prevents unauthorized use of your account and files. However, please note that locking your computer for an extended period of time may be prohibited, as it will make the computer unavailable.
  • When you save your material to your home directory (P: drive), HAMK takes care of backing up your material. When you save your material to OneDrive cloud service, Microsoft takes care of backing up your material.
  • Save changes regularly (in many Windows programs Ctrl+S), if you are editing text or other material for a longer period of time. This way you won’t lose all the work you have done in case of a technical malfunction.
  • Software installation on HAMK’s computers is prohibited. If you need a specific software, please contact the Digital Services Helpdesk.

You are the administrator of your own computer. Monitor its activity and ensure its security by following these instructions:

  • Always protect your online computer with a firewall and anti-malware protection
  • Do not install any programs that you do not actually need. Download and install software only from official websites or app stores. Remember to install software security updates.
  • Create personal credentials for your devices (without administrative rights) for each user. Administrative credentials should only be used for administrative tasks (software installation, creating other credentials).
  • Make regular backups of your files. For example, cloud services are a good way to backup.
  • Clear your device’s data or restore factory settings before taking it to WEEE recycling.
  • Protect your device from theft. Protect the device with a lock code (in addition to a PIN code) so that others cannot access its information. Find out if the device can be remotely wiped if needed.
  • Turn off wireless connections (Bluetooth and WLAN) whenever you do not need them.

  • Always check the actual destination address of a link before clicking. Be especially cautious if you have received the link in a message.
  • Be aware of phishing messages, where you are asked to give away your username and password or enter them on a website. Administrators will never ask for your password.
  • Be suspicious of the reliability of the email message. The email could come from someone other than the sender shown in the sender field. Malware can also send emails without the user’s actions.
  • Advertisements and chain letters sent without the recipient’s permission are spam. Do not respond to them, but destroy them immediately. If an offer seems too good to be true, do not trust it.
  • In addition to email, you may also be targeted by other means, such as phone calls or social media. Beware of unexpected bills and fake messages claiming to be from administration.

  • It is not advisable to trust the security of internet cafes, libraries, and public computers, as they may contain programs that collect user information. Consider whether it is necessary to log into your personal email from such a computer.
  • Using a computer and programs always leaves behind information about you and your actions. Learn in advance how to clear your browser’s cache and delete other common traces of your usage.
  • The costs of using mobile data abroad can be high, use it wisely. Explore the possibilities of using Eduroam.

If you suspect that there is or has been a malware on a computer you are using, follow these steps:

  1. Change all the passwords on another computer immediately that you have used on the infected computer or that are the same as those used on that computer. To investigate the misuse, report the suspicion of malware and the possible hijacking of your account to the customer service of the most important services you use.
  2. If the computer is yours, do not use it until you figure out how to remove the malware. If someone else owns the computer, contact the responsible person or organization and explain the situation. For cleaning your own computer, you can get limited help from HAMK’s Digital Services Helpdesk or from the website of your antivirus program’s manufacturer.

If you suspect a security breach or misuse of the system, please contact the responsible service. If the service is provided by HAMK or you used the service with a HAMK-provided account, please contact the Helpdesk. For other services, please send a report to the organization’s abuse address (e.g. abuse@domain) or call the organization’s switchboard and ask to be directed to the person in charge of handling security matters. Clearly state what you have observed and when the incident occurred. Also, leave your name and contact information so that you can be asked for additional information if needed.

  • Use the email address provided by HAMK in internal communication and services, such as the study register and learning environments. This will improve the security of communication.
  • If you receive an email belonging to another person, please inform the sender of the incorrect address. Remember that you have a confidentiality obligation regarding the message you received.
  • Email messages can contain malware or may redirect you to a page containing malware. Do not open a message if you are unsure of its origin or if sending it has not been agreed upon.
  • Email messages typically move through the internet without any encryption or protection, so any sensitive information that requires protection must be encrypted before sending.
  • Consider who you give your email address to and where you publish it. Avoid using your HAMK email address on online forums and social media platforms (e.g. Facebook) and get a separate email address for personal use.

  • Make sure that you have the right to use the software you install on your computer. Do not install illegal copies.
  • Explore the terms of use for electronic materials in libraries.
  • Copyright protects films and music, among other things. Do not copy or distribute them online without the express permission of the copyright holder.
  • Link to Kopiraittila Academy (Copyrights) 

  • When using different online services (Facebook, TikTok, Instagram or image sharing services, etc.), consider what personal or other information you are providing to them. You must have permission to disclose another person’s information. Once personal information such as a photograph or home address is posted online, it may be impossible to completely remove it later.
  • It is easy to pretend to be someone else or a different person in online communities. Do not trust everything you read too much.
  • Watch out for pop-ups and advertisements on the website. Malware spreads effectively through social media and online services – don’t click carelessly. 
  • Do not use online services that do not seem reliable.
  • Monet online services are cloud services, meaning that the information entered by users is only stored on the service provider’s servers, often outside of Finland. Cloud services come with several security risks that are important to be aware of. It is recommended to check the terms of use before using the service, at least regarding the ownership of information and that your data will not be shared with others.
  • Check the settings that affect the privacy of your user profile (who can view information) and adjust them if necessary.
  • Do not save location information to the online service in the pictures you upload. Turn off the camera’s GPS feature or remove the location information from the pictures before publishing them.