Recommendations & Guidelines
Information security is a very complex topic, where technical and organizational measures must be applied equally in order to achieve sufficient protection for the entire organization. In order to make this somewhat easier for you, we provide here a series of guidelines and advisors which have been developed from corresponding recommendations, e.g. of the BSI, and the exchange with other information security officers in the state of Baden-Württemberg.
- Guideline passwords
- Guideline password management with KeePass
- Guideline for safe homeoffice
- Guide for safe handling of e-mails
- Mozilla Thunderbird Guide
- Recognize official e-mails
- IT Systems Guide
- Windows 10 Guide
- Virus Infestation Procedure Guide
These guides will be updated and extended.
Despite all efforts to ensure secure operation and sensitive use of IT, critical incidents cannot be ruled out. All operators of IT systems at the university should prepare for such emergencies by taking appropriate organizational and technical measures. In the event of an emergency, appropriate documentation should be available (also offline) to achieve the following goals, among others:
- Initiate immediate measures
- stop the spread of damage
- Reach important contact persons by telephone
- comply with legally required reporting channels and deadlines
- Securing evidence for later processing and, if necessary, criminal prosecution
The BSI and the Alliance for Cybersecurity provide handouts for this purpose, which can already be used to set up a basic emergency management system. The BSI's IT emergency card can also be useful. It describes the most important rules of conduct for end users in the event of IT emergencies so that panic-like actions do not increase the damage (all document only available in german):
- IT emergency card (PDF) to print out and post, e.g., on bulletin boards, in offices, etc.
- Catalog of measures for emergency management (PDF)
- The TOP 12 measures to take in the event of cyber attacks (PDF)
- Also recommended for preparation: Set up emergency communication with Zoom
Communication and Information Centre (kiz)
Please contact us if you have questions or problems related to the kiz services:
Office hours
Monday - Thursday
09:00 h - 12:00 h and 13:00 h - 15:30 h
Friday 09:00 h - 12:00 h
Phone
+49 (0) 731 / 50 - 30000
Telefax
+49 (0) 731 / 50 - 1230000
Order a Callback
helpdesk(at)uni-ulm.de
Support Portal (Uni internal)
[more]
Service Points are locations where you can visit us personally.
Using self-service functions of the Identity Management System (IDM): Administer permissions, subscribe to services, change passwords.
Research in the library stock: monographs, textbooks, magazines, university publications, e-books, e-journals, national licenses, and the contents of the institutional repository OPARU.
With about 400 keywords you will get direct access to our services. If something isn't listed, please contact our Internet Editorial Office.
more about: Awareness raising
The Security-Usability-Society (SECUSO) research group at KIT has developed training videos on how to recognise and deal with phishing emails. The videos are about 5 minutes long and include a general introduction, the most important rules for recognising fraudulent messages and illustrative examples.
The University of Mannheim has produced a six-part podcast series in cooperation with an agency. Embedded in a radio play, listeners learn more about various dangers in the IT sector and receive tips on how to deal with security problems.