Data and IT security

Multi-factor authentication – MFA

To increase the security around our computer accounts, Malmö University has brought in multi-factor authentication (MFA). This means that you need to periodically confirm your identity via a mobile telephone app.

Do not approve MFA requests unless you are sure that you are the person who initiated them. One method of gaining unauthorised access to MFA-protected accounts involves making a large number of log-in attempts in the hope that the legitimate user will eventually tire and click on the approve access option.

What is multi-factor authentication?

You confirm who you are when you log in to an online account, such as your email, with your username and password. For a long time, this was enough to protect you from someone else gaining access to your account. Unfortunately, it's not so secure anymore - usernames are relatively easy to find and passwords are usually simple and easy to remember.

That's why almost all online services have added a way to make your accounts more secure. You may hear it called 'two-step verification' or 'multi-factor authentication'. When you log in to your account, you need more than just your username and password. You also need a method of a second verification, called a second 'factor', to prove who you are.

Information security is the overall security that ensures that the information held by an organisation is always accurate, accessible and confidential. Information security covers all types of information, whether digital or analogue.

IT security is a part of technical security that focuses on protecting IT systems from various forms of attack or intrusion. It involves the prevention, detection and management of threats to networks, devices, programmes and data.

Phishing

Pay close attention to all emails you receive. Phishing attempts often come in the form of innocent-looking messages, for example, asking you to quickly click on a link to authorise something.

If you have accidentally clicked on an 'unsecured link' or tried to log in to an 'unsecured site', you should change your password immediately.

Checklist for protecting yourself from phishing and malicious code

Check emails carefully before opening an attachment or clicking on a link. Is the message expected? Does the sender usually use this style of language?
Be vigilant and do not click on links if, for example, you are asked to provide your card number, account number or password, if you are asked to download attachments or software, or if you are urged to act quickly.
If you are suspicious, you should verify the sender through sources other than those listed in the email or refrain from opening the email and clicking on links. You can also contact IT if you are unsure.

Contact IT support

Safe Links in Outlook

Microsoft Safe Links is a built-in security feature in Outlook designed to protect users from unsafe links in e-mail messages. If a link is deemed dangerous, access is blocked and the user receives a warning message, helping to protect against phishing and other cyber threats.

More about Safelinks (microsoft.com)

Web filter to protect IT systems and computers

Malmö University uses a web filter to protect our IT systems and computers. The filter is a security measure that prevents unauthorised access to our data and protects against malware. The filter blocks pages that, for example, contain malware, fraud attempts or are classified as high-risk.

Multi-factor authentication – MFA

What is multi-factor authentication?