Tehdyt toimenpiteet

Confidentiality and information privacy

Confidentiality is a requirement and prerequisite for incident handling.

Funet CERT will only pass on information relating to an incident if the reporting party has given its consent or if required by Finnish legislation .

In certain circumstances Funet CERT will pass on vulnerability information that is not publicly disclosed to predefined secuirty personnel in customer organizations. In such cases, Funet CERT specifically requires that the information be not passed on prior to public disclosure of said vulnerability.

Encryption of confidential communications

In case you wish to send confidential information to Funet CERT via e-mail, you should send it encrypted to prevent third parties from reading the mail in transit. Funet CERT uses PGP-encryption for confidential messaging.

To send Funet CERT an encrypted message, you need to encrypt it with Funet CERT's public key. The public key has been signed by the TI-network's CERT organizations.

If you do not have the PGP or GPG available or if you have problems with sending your message by email and wish to send confidential information to Funet CERT then fax it .

If Funet CERT provides you with information pertaining to an incident, please handle it with due caution, especially if the data contains identity information or information about an ongoing security breach. Confidental information should always be stored encrypted on a secure server.

If you are the victim of an information security breach or some other serious incident, you should or in certain cases required by law,you must report it to CERT-FI using the provided forms (PDF-format) or (MS Word-format).

Data protection

Data protection deals with the integrity and protection of an individual's privacy and identity. Data protection is a part of information security. Investigation of information security breaches poses a challenge, since even when investigatig an incident, the involved parties have their rights to privacy.

Finnish legislation protects an individual with a strong right to privacy. Privacy is safeguarded in the constitution, in addition to which, there is a number of laws pertaining to data protection.

Implementation and follow-up of data protection in Finland is the responsibility of the Data Protection Ombudsman.

CSC

Osiot

Aliosiot

Tehdyt toimenpiteet

Confidentiality and information privacy

Encryption of confidential communications

Data protection


Sisältö What is Funet? Network status Network services and support Abuse Backup connections Connections Domain name services E-mail services eduroam Funet CERT What is Funet CERT? Services Confidentialy and information privacy How to file an incident report Cooperation Funet CERT contact information The public PGP key of Funet CERT High-end capacity and light paths IP multicast IPv6 Listme Network Operations Center Newsfeed Newsread NIC NTP time service Performance enhancement (PERT) Training and specialist services Video technology	Tehdyt toimenpiteet Confidentiality and information privacy Confidentiality is a requirement and prerequisite for incident handling. Funet CERT will only pass on information relating to an incident if the reporting party has given its consent or if required by Finnish legislation . In certain circumstances Funet CERT will pass on vulnerability information that is not publicly disclosed to predefined secuirty personnel in customer organizations. In such cases, Funet CERT specifically requires that the information be not passed on prior to public disclosure of said vulnerability. Encryption of confidential communications In case you wish to send confidential information to Funet CERT via e-mail, you should send it encrypted to prevent third parties from reading the mail in transit. Funet CERT uses PGP-encryption for confidential messaging. To send Funet CERT an encrypted message, you need to encrypt it with Funet CERT's public key. The public key has been signed by the TI-network's CERT organizations. If you do not have the PGP or GPG available or if you have problems with sending your message by email and wish to send confidential information to Funet CERT then fax it . If Funet CERT provides you with information pertaining to an incident, please handle it with due caution, especially if the data contains identity information or information about an ongoing security breach. Confidental information should always be stored encrypted on a secure server. If you are the victim of an information security breach or some other serious incident, you should or in certain cases required by law,you must report it to CERT-FI using the provided forms (PDF-format) or (MS Word-format). Data protection Data protection deals with the integrity and protection of an individual's privacy and identity. Data protection is a part of information security. Investigation of information security breaches poses a challenge, since even when investigatig an incident, the involved parties have their rights to privacy. Finnish legislation protects an individual with a strong right to privacy. Privacy is safeguarded in the constitution, in addition to which, there is a number of laws pertaining to data protection. Implementation and follow-up of data protection in Finland is the responsibility of the Data Protection Ombudsman.