IT-Security

Everyone is responsible for security!

  • Keep your workplace computer updated.
  • Use the free antivirus software Sophos.
  • Make regular backups of your computer’s data.

Everyone who works on a PC that is part of our academic network is not only a passive participant and user but also (knowingly or unknowingly) affects other PCs in the network. To avoid complications for yourself and others, everyone has to abide by certain rules, just like when driving a car.

Badly configured PCs pose a risk not only to themselves but also to all participants in the network. The damage from most attacks can be limited or avoided altogether if everyone who has a PC in the network follows a few easy rules. In the end, it comes down to doing what is necessary, with a reasonable amount of effort, to improve the network’s security. There is no such thing as absolute security.

That is why we ask all members of our network to at least follow the so-called Golden Rules! (German)

The ZIM will take devices off the network that pose a threat to the functionality of the whole network or subnetworks.

You can find the Instruction IT Security in Moodle.

Please abide by the following rules if a PC is infected:

Please report any security breaches directly to our ZIM-CERT-Team or via our Hotline.

  • Immediately take the PC off the network. Any data on the PC is unusable.
  • Never log in with an admin password to a system that may contain malware while that system is still an active part of the network. A virus might be able to read your passwords in order to spread further.
  • Anyone who has worked with an infected system has to change all used/saved passwords (even private ones).

Advice on How to Protect Your PC

“Golden Rules”
Basic security rules for workplace PCs
(German; English is coming soon)

Information about the distribution of malware via e-mail
How can I protect myself from Trojans and other viruses?
(German; English is coming soon)

Recommended settings under Windows 10
How do I keep my PC from sending data to Microsoft?

Secure connections to the university’s login servers
Information about the login server and access via SSH, PuTTY, WinSCP and more
(German; English is coming soon)

Information and definitions regarding privacy regulations
Information from the legal department
(German; English is coming soon)

Blocking of port 25 (SMTP)
Information about blocked ports
(German; English is coming soon)

Encryption
Advice on how to encrypt sensitive data
(German; English is coming soon)

Protection from Trojans
Advice on how you can protect yourself from Trojans that are distributed via “drive-by downloads”
(German; English is coming soon)

Information for System Administrators and Server Operators

The so-called “Golden Rules” are basic knowledge for system administrators and server operators. To operate their systems safely, however, they need to use more extensive methods. Administrators and server operators usually already work closely with the ZIM. These collaborations are continuously improved and intensified to enhance the network’s security. For PCs with more specific tasks (e.g. laboratory PCs), it can be difficult to abide by certain rules. Their operators therefore have to work with qualified administrators to minimize security risks.

Playing by the “Golden Rules” requires intensive and well-organized collaboration between the ZIM and all other partners that use the interconnected, cooperative information and communications infrastructure. The ZIM offers a variety of aids and procedures, some of which hand the necessary measures over to the ZIM for automated execution:

  • Central Windows Domain as basis for automatic OS updates via the academic network
  • Free access to the antivirus software Sophos for all members of the university
  • Strict port blocks and filters at the transition to the academic network G-WiN
  • Structured organization of the university’s network
  • Monitoring of the network traffic statistics to detect conspicuous traffic patterns
  • Fault reports accepted at all times: Hotline
  • Training events (German)
  • Websites

Guidelines for Information Security

The guideline determines responsibilities, responsibility structures, task assignments and collaborations between those involved in the university’s IT security process.

The guideline was established by the rectorate and published under Guidelines for Information Security (PDF) (German).

Implementation/Modification of Data Processing Methods

The privacy law of the state of NRW (DSG NRW) requires universities to take technological and organizational measures and to create security concepts to protect users’ privacy.

Thus, when implementing or modifying automated processing methods for private data, the university has to go through certain legally mandatory check and documentation processes.

ZENDAS Data Security Websites

The Zentrale Datenschutzstelle ZENDAS (Central Data Security Department of the universities of the state of Baden-Württemberg) provides information on the topic “Data Protection at Universities”.

As part of a cooperation contract, employees of the UDE can now access this information. Go to https://www.zendas.de and click “Login”, and then “Mitarbeiter Login (Shibboleth)”. You will be redirected to the DFN-AAI website, where you can choose Universität Duisburg-Essen. After that, you will be directed to the university’s Shibboleth page and can log in there with your Login-ID (Unikennung) and your password.