1. Separate professional and private life
Please use University computers exclusively for business purposes, even if it is convenient for checking private emails or surfing the Internet privately. Conversely, if possible, you should not use private computers and smartphones for work. In this way the University is better protected and it is easier for you to separate work from leisure time.
If you use your private computer or your private smartphone for business purposes on occasion, you should pay particular attention to a clear separation. The best way to do this is to set up a separate computer account without admin rights. This can be done very easily fast on both Windows and Mac computers. Your installed programs are still available.
Also, please make sure that after editing files, they do not remain on your private device. This applies in particular to system-related temporary files that are created, for example, when email attachments are opened.
2. Computer security
Install a virus scanner and make sure that the operating system, virus scanner, browser, Office, and Acrobat are always up to date.
Even at home, get into the habit of always activating the screen lock when you leave the computer.
3. Internet access security
Your Internet access at home should be as secure as possible. If you use WiFi, make sure you have a long, complex password of at least 16 characters. It is also recommended to limit WiFi access to known devices.
You should always activate VPN if you work in a foreign network, e.g. when visiting relatives, friends, or in a public hotspot. This will prevent your data traffic from being read.
4. Communication security
Much of the information that we exchange on a daily basis is rather uncritical. Important or highly confidential information, on the other hand, should always go through secure channels:
- Email
In the case of email, this means encrypting or attaching files with a password.
>> All information about signing and encrypting emails
- Messenger
For messenger services, you should use those with end-to-end encryption, such as MS Teams, Signal, Threema or, if necessary, WhatsApp, but not Skype or Slack.
5. Browser security
If you use a private device for business tasks occasionally, please always use a separate browser for work. For example, if you have been using MS Edge for everything so far, install e.g. Firefox and use it exclusively for professional purposes. Do not use any plugins, Flash or, if not absolutely necessary, Java in your working browser. Clear the cache regularly and do not store passwords in the browser.
6. Use your brain
Experience shows - and this is not meant to be rude - that the biggest risk factor is the person in front of the computer. Be careful not to open attachments, download files, or install programs carelessly. If you don't trust a sender or an Internet site 100 percent, it's better to play it safe and check back with another communication channel.
7. Recognize dangerous emails
If you receive an email that has one of the following characteristics, for example, you should become suspicious:
But beware: unlike a few years ago, many fraud attempts now have no linguistic shortcomings whatsoever. You should therefore be vigilant even with well-written text.
Please also note the recommendations for action against email fraud issued by the Baden-Württemberg State Office of Criminal Investigation.
8. Recognize dangerous websites
Fraudulent websites can copy a trusted website and trick you into entering confidential information. This could be the homepage of the University, a mobile phone provider, or a bank. Of course there are also false webshops or pages from false service providers.
Recognizing such sites is not always easy. If you receive an email that has one of the following characteristics, for example, you should become suspicious:
9. Security Zoom
Currently, Zoom is increasingly used for video conferences and online seminars worldwide. This popularity makes Zoom more interesting for hackers who want to entice you to install malicious software with fake meeting invitations. The other problem is that with the wrong settings, unknown "trolls" can join the meeting to share disturbing content.
Therefore please pay attention to the following:
Do you have questions or comments about this site? contact form