Information security
KTH conducts active information security work. This entails the creation of the conditions necessary to protect all information, from research data to employees' personal data, and everything in between. This includes setting requirements for technical protection and routines, as well as what employees need to do to ensure the work and data remain secure.
Information security is often divided into three categories, which is also one of the starting points for the work at KTH:
- Availability – Information should be accessible to authorized users when needed, without unnecessary obstacles or interruptions. For example, availability is crucial when paying salaries on time or for a database containing research data that is used around the clock by researchers worldwide. If such systems are unavailable at the right time, it can cause significant issues, both for employees who don't receive their salaries and for KTH's credibility as a research partner.
- Confidentiality – Only authorized individuals should have access to certain information. This protects sensitive data from unauthorized access and ensures that personal or critical operational information does not leak. An example where confidentiality is important is in research collaborations with external companies. KTH often signs agreements with these companies, guaranteeing that we won't leak research data until it is ready for publication. Another example is specific personal data about employees, which should only be accessible to individuals with the proper authorization.
- Integrity – Information must be correct, up-to-date, and reliable. This means data must not be altered or manipulated improperly. For instance, KTH needs to guarantee that a set of experimental data, upon which certain research depends, is consistent with our results, even in the future, or that we can later prove who actually conducted the research.