Umpio storage space

RSA authentication has been replaced by MFA authentication. To login, use the address
securedesk.helsinki.fi

 

The Umpio storage space is a secure network folder for high-risk sensitive data. It can only be used with a virtual computer using two-factor authentication.

Umpio was designed as the processing environment for materials requiring special protection, such as business secrets, inventions, labeled or identifiable special categories of personal data and authoritative information with categorised protection level, instead of the usual network drives and workstations.

It is not necessary to transfer all non-public materials to Umpio, but it may be advisable, depending on the working methods. The line is drawn case-by-case; should the materials have the potential to cause damage or considerable harm to the University or its reputation, to an external owner of the materials or to a person identifiable from the materials, if made public or accessed by unauthorised individuals, they belong in Umpio.

 

    Ordering the service

    1. Place your order through Helpdesk .
    2. Access to the Umpio storage space is based on IAM group management as in the use of other group disk spaces. Use this tool to check that the IAM group limiting the users of the folder exists or, if necessary, create a new group.
      NOTE: the group owner is not automatically a group member, so if you want the owner to be able to use Umpio, add them as a member.
    3. Report the IAM group that you are using and the desired storage space to the processor of the support request. The pricing of storage space corresponds to the price list of group disk spaces. Please also confirm the order with your unit’s service coordinator (listed in Flamma).

     

    Umpio in a nutshell

    For more instructions, see the Detailed help tab

    The use of Umpio has changed.

    RSA authentication has been replaced by MFA authentication. To login, use the address
    securedesk.helsinki.fi

    The instructions are outdated and will be replaced with new instructions. In particular, please note that the service address in the images is incorrect. The correct address is securedesk.helsinki.fi

    If you do not yet have Umpio storage space, first order it as described in the Quick help.

    Implementation of the service

    The service uses MFA authentication.

    • Log into the service at securedesk.helsinki.fi
    • Click Accept.
    • Enter your username using the short form (e.g. rkeskiva) and your password. Click Login.

    After entering the credentials, MFA authentication is performed by using the method you have chosen.

    VMware Horizon Client program

    On your computer, open the VMWare Horizon Client application or the virtual environment in your web browser at securedesk.helsinki.fi 
    If you are using the VMWare Horizon Client application on a UH computer, add securedesk.helsinki.fi by clicking on the + Add Server option to include it in the list of optional VDI servers. 

    • Start configuring the new server in the Add Server menu of the Horizon Client. (1)

    • In the new window, enter the address of the connection server securedesk.helsinki.fi (2)

    • After clicking Connect, the securedesk target will appear in the Horizon start menu.

     

    Authentication process

    Once the initial preparations are completed, you can start connecting to the securedesk connection server. Please note that the login process will include two consecutive authentication dialogues, the first of which is MFA authentication notification. The actual authentication is done after entering the credentials.

    Workstations

    • In the VMware Horizon Client view, open securedesk.helsinki.fi.
    •  In the securedesk.helsinki.fi view, you can now open the Umpio virtual desktop.

     

       

      Using Securedesk and Umpio storage space

      After accessing securedesk, check the file sharing settings between your computer and the virtual workstation if you plan to transfer or copy files:

      • If you are using VMWare Horizon Client on a Windows computer, select Sharing behind the cog icon in the top right corner and click the Add button to add the folders you want to share from a local drive. Also tick Share your local files and Allow access to removable storage.
         
      • If you are using VMWare Horizon Client on a Mac computer, select VMWare Horizon Client -> Preferences -> Sharing tab from the top menu and click the Add button to add the folders you want to share from a local drive. Also tick Share your local files and Allow access to removable storage.
      1. In the list of virtual computers, select Secure desktop & Umpio. Once it opens, you should see the Umpio group disk space in file management as a drive connected to the letter U and the folders shared from your computer as a Z drive. Use the Connect USB Device option in the top bar to connect and use USB devices.
      2. Umpio is shown as a U: drive in File Explorer and the Umpio’s backup is shown as a V: drive in File Explorer:

      Virtual desktops (virtual computers) VDI and VMware

      FAQ

      Q: Does the user need to take any action to ensure that their data is erased from the system?
      A: No, they do not. The data will be automatically erased after it has been removed from the backups.

      Q: Can the user (accidentally or intentionally) remove data from backups?
      A: No, they cannot.

      Q: Can the administrator (accidentally or intentionally) remove data from backups?
      A: No, they cannot. Administrators have the ability to delete everyone's data, but never individual pieces of data. Typically, the deletion of backups is done at the end of the storage system's life cycle.

      Q: How long are backups of Umpio (both home and group disk spaces) retained?
      A: 6 months.

      Q: If a group no longer needs storage space in Umpio, should they do something?
      A: The group should request deletion of its storage space from IT Helpdesk. Helpdesk will forward the deletion request to the capacity services who will delete the storage space.

      Q: If a group no longer needs the group disk space, should they do something?
      A: The group should delete its storage space with the group disk space manager Ryhti. If a group no longer needs the IAM group, it can be deleted using the IAM group management tool.

      Give feedback

      The instructions site of the University of Helsinki's IT Helpdesk helps you with IT-related issues related to your work. Let us know how we can improve our instructions. We greatly appreciate your feedback!

      How would you improve these instructions?
      Back to top