IT Security

 

The increased proliferation of digital devices such as tablets, smartphones, etc., introduces new security threats. Apart from industrial espionage, there also is an increase in theft of personal and private data, including passwords and e-mail addresses.

 

With the increasing use of information and communication technologies in both private and business settings, there is also an increase in new threats to consumer and business privacy.

Background

While a few years ago, IT security referred to correct functioning and reliable availability, today the concept is much broader, including the protection from a wide range of new threats and risks. These include abuse of IT systems, sabotage, espionage, as well as fraud and theft. With the introduction and proliferation of e-mail and of the World Wide Web, new technologies have found their way into private settings – online banking, online shopping, dating, contact with the authorities are just a few of the manifold activities that rely on information technology.

Threats and risks take the form of "force majeure;" accidental misuse; malware such as viruses, trojan horses, and worms; and phishing. Frequently such threats occur in combination with so-called "social engineering".

Activities of the IT Center

The IT Center is not able completely to prevent attacks on the RWTH Aachen IT infrastructure and data. Such attacks occur everyday, in new and changing forms. However, the IT Center can take measures to reduce the likelihood that such attacks will succeed. If such attacks cause damage, appropriate measures are apt to reduce the severity and duration of the consequences of the attack.

This can only succeed, however, if everybody contributes to taking adequate precautions - leadership staff, IT administrators, members of staff, and, of course, the students at RWTH Aachen.

The users of the IT infrastructure, that is, staff members and students, play a very important – often underestimated – role in this process.

The IT Center supports the security of the University's IT infrastructure through several measures and services which are coordinated by a specially trained security administrator.

These IT security-related services include:

  • Operation of a centralized firewall system and decentralized firewalls for RWTH institutions
  • Provision of free-of-charge SOPHOS anti-virus (de) software, including an update service, for students and staff at RWTH Aachen
  • Operation of a powerful web filter infrastructure to protect against damaging website content
  • VPN server for the protected access of University resources from outside the RWTH network
  • Provision of certificates for personal use, that is for encrypted or digitally signed e-mail messages, or for server certificates
  • Monitoring of conspicuous systems using special algorithms for the detection of infected end devices (Blast-o-mat).