IT Security at RWTH

The IT Center cannot completely prevent attacks on IT and thus on your data or that of RWTH Aachen University: Attacks occur daily with constantly changing methods. We encounter threats in the form of phishing or malware such as viruses, Trojans, or worms. Attacks often occur in combination with social engineering.

The good news is that the IT Center can reduce the chances of such attacks succeeding through a variety of measures. Where attacks are nevertheless successful, further measures can significantly reduce their impact in terms of duration and scope.

Service Offerings

The IT Center supports IT security through a wide range of measures and services. These are coordinated by a specially appointed and trained employee.

The services specifically related to information security include:

• Operation of a central firewall and decentralized firewalls for the RWTH Aachen University facilities.
• Provision of free antivirus software and recommendations for private use.
• Operation of a powerful web filter infrastructure to protect against harmful content when surfing the Internet.
• VPN server for protected access to internal resources from outside the RWTH networks.
• Provision of certificates for use as personal certificates (e.g. for encrypted or signed e-mails) or for server certificates.
• Monitoring and detection of suspicious systems by means of stored algorithms for detecting infected end devices (Blast-o-mat).

All Together

The (protective) measures taken will only be successful if everyone works together: managers and IT administrators, all other employees, and, of course, the students at RWTH Aachen University. This is because the users of the IT infrastructure, i.e., the employees and students, often play a major and frequently underestimated role in this context.

To this end, protect your devices and (access) data!

• Install antivirus software
• Use strong passwords and keep them secret
• Multifactor-Authentication provides additional protection
• Use appropriate measures for data destruction
• Build trust with certificates
• Report any security issues you discover!

Contact in Case of Suspicion

If you suspect a security problem, please contact Nicole Wießner or Jens Hektor. Of course, the IT-ServiceDesk is also available as a point of contact.

Useful Websites for Further Information

• Bundesamt für Sicherheit in der Informationstechnik (de) - Federal Office for Information Security / BSI

  The BSI is a federal agency is an independent organization providing answers to questions on IT security issues

• Bürger-CERT (de)
  Bürger-CERT is a project initiated by the Federal Office for Information Security, BSI for short, which is to warn citizens in case of new threats from viruses, worms, or newly deteced system vulnerabilities. Bürger-CERT is a neutral, free-of-charge service.

• Anti-Phishing Working Group, Inc.
  The APWG is the worldwide coalition unifying the global response to cybercrime across industry, government and law-enforcement sectors. The Anti-Phishing Working Group (APWG-IPC) and CMU’s CUPS created a webpage to educate users about phishing. The page explains that they have just fallen for a phishing communication (e-mail or otherwise) and advises consumers and enterprise users ways they can help themselves to avoid being victimized in the future.