Basics of Information SecurityLaajuus (3 cr)

Objective

Purpose of the course

Information security and data privacy are part of everyday life in the workplace. Taking care of information security and data privacy is everyone's responsibility, not just those working in the ICT sector. The purpose of this course is to familiarize students with the basics of information security and data privacy in all areas of information security: How to ensure personal information security, what administrative and physical security are, and how they are supported by technical security solutions. You will also become familiar with information security practices in the ICT field and different technical security solutions in the context of web application development. You will learn to consider security in all phases of your work.

Course competences

- Learning to Learn: Is able to acquire, critically assess and appropriately apply the national and international knowledge base and practices of their field.
- Internationality and Multiculturalism: Is able to monitor and utilise the international development of their field in their work.
- ICT Specialization Competence: Is able to apply their knowledge and skills in a specific area of ICT, as well as analyze, evaluate, and develop operations in this area.
- Information System Competence: Is familiar with typical information systems and services and understands the importance of security in utilizing services.

Learning objectives of the course

You will be familiar with the basic concepts of information security and understand the importance of information security in everyday operations. You will be able to assess security risks and consider security in web application development. You have an understanding of various administrative, physical, and technical ways to ensure the availability, confidentiality, and integrity of information.

Content

In this course, you will become familiar with the three main areas of information security: availability, confidentiality, and integrity of information. You will learn the terms information security and data privacy and learn to assess security risks. You will explore the concepts of administrative and physical security and different ways to ensure the availability, confidentiality, and integrity of information from a technical perspective.

Regarding technical security, you will have a superficial understanding of different encryption methods, the use of certificates, the functioning principles of firewalls, and the design of network infrastructure from a security perspective. In addition, you will become familiar with the basic principles of secure application development and methods for monitoring the security situation. You will learn to follow national and international information security sources and react to them.

Assessment criteria, approved/failed

You will be familiar with the basic concepts of information security and understand the importance of information security in everyday operations. You will be able to assess security risks and consider security in web application development. You have an understanding of various administrative, physical, and technical ways to ensure the availability, confidentiality, and integrity of information. You are able to follow and analyze national and international information security news and sources and evaluate needed tasks to adhere them.