Data Security

Operating system, programs and network

  • Install Updates (Operating system and applications on your computer and mobil devices).
  • Use an antivirus software (Windows Defender, Sophos Antivirus for Uni-Bremen employees, Avast).
  • Use the firewall in your OS.
  • Create different user accounts (admins and standard user) with different passwords. If you also use your office computer privately, use a separate user account for this purpose. Separate company data and private data.
  • Use a password-protected screen lock.
  • Protect your data by encrypting your hard drive (also the backup hard disk).
  • Deactivate macros in Microsoft Office and do not activate macros for files you receive.
  • Configure your mail program so that remote content is not automatically downloaded.
  • Read mail in plain text format.
  • Encrypt your mail and send it with personal certificates.
  • Take your time when clicking on links in mails. Install for example in Thunderbird the plugin "Torpedo".
  • Only install software that is absolutely necessary and from trusted sources.
  • Do not allow external access to your computer. If it cannot be avoided, only allow VPN connections.
  • Disable services that are not needed.
  • Use the software in the ZfN instead of external providers. E.g. RocketChat instead of WhatsApp, Office in Seafile instead of Googledocs, scheduler/survey tool in DFN instead of doodle.
  • External storage media such as USB sticks, USB hard drives, network drives are not protected against encryption Trojans. All storage media to which the logged-in user has access are at risk.
  • Use WPA2, better WPA3 as encryption for your WLAN and switch off WPS and UPnP.
  • Awareness

  • There is usually always a human component as a contributor to a successful hack.
  • Do not click on links in suspicious mails.
  • Never enter your password on dubious websites. The university does not set unreasonably short deadlines for responses.
  • Do not use USB sticks to transfer data from colleagues or students. Instead use e.g. Seafile or NextCloud (FB3).
  • Talk to people around you (family, roommates, guests) about data security.
  • If you suspect a virus on your computer or notice suspicious actions, disconnect it from the LAN/WLAN. Do NOT turn it off, because after a reboot, an encryption software may take effect and you will no longer be able to access your data. Scan your Computer with "Desinfec't" USB stick and change your passwords.
  • Encrypt/password-protect data exchange with project partners.
  • Dispose of unnecessary devices (computer, WLAN router, printer,...).
  • Include IT security in project costs (backup disks,...).
  • Close windows and doors, use password-protected screen saver.
  • Passwords

  • Use strong passwords.
  • Use different passwords.
  • At least 12, better 20 characters.
  • It is better to have a somewhat complex, long password than simple ones that are constantly recreated. Longer passwords are better than shorter very complex ones.
  • Use two-factor authentication wherever possible.
  • Use a password manager (i.e. Keepass (Win), KeepassXC (Mac/Linux), Keepassium (iOS), KeepassDX (Android)).
  • Or use the Apple Notes app and encrypt the note afterwards.
  • Browsers such as Safari save the passwords. Make sure that the computer is not unattended or secured with a password-protected screen saver.
  • Check at haveibeenpwned.com if your email address has been hacked. Register there if you want to. You will be notified.
  • Backup

  • Create backups with Apple "Time Machine Backup" or Windows Backup (Image 1x/week with "Backup and restore Win7" and hourly backup with "Windows 10 Backup").
  • Create redundant backups. Additionally e.g. on the backup server of the university (see "Backup" at https://www.uni-bremen.de/zfn/weitere-it-dienste/storage-dateiaustausch).
  • Backup your Mails.
  • Check your Backup and a restore.
  • Do not put (backup) hard disks on batteries, this will destroy data.
  • More information...

  • For more information see BSI für Bürger.
  • And see the heise c't Checkliste.
  • Vulnerabilities and security advisories from DFN-CERT.