Guide to the secure operation of IT systems
Because of the large number of potential threats, we provide the following general guide on what you should pay attention to in order to ensure sufficient IT security for official IT systems that you operate yourself. You should also refer to our Windows 10 guide, which deals with some special aspects of the secure operation of this operating system.
All user accounts must be secured with (different) passwords. The passwords should meet certain requirements in terms of length and complexity. It is best to use the password criteria of the kiz account, which you can read about in our guide Passwords, as a guideline for the devices you administer yourself.
As a rule, never work with the rights of a system administrator (root or administrator). Only log on as an administrator if you really need to carry out administrative work. Deactivate or delete user accounts that you no longer need.
Installing (security) updates
All operating systems and application programmes contain errors. Most well-known manufacturers endeavour to correct these errors before the release of a new operating system or programme version and provide so-called patches or hotfixes for this purpose. Of particular importance are updates that correct identified security gaps. Without immediate installation of such updates, a system connected to the Internet can be compromised within seconds. Taking precautions here is not difficult: with most modern operating systems, you can set security updates to be installed automatically.
A virus scanner must be installed on every computer system that is connected to the Internet and must always be kept up to date. Good programmes offer an automated update function so that daily updates can be carried out without administrative effort. The virus scanner must be set so that all files that are to be executed are first checked for viruses ("scan on access"). Removable media such as USB sticks or CD-ROMs must also be scanned for malware. As part of its virus protection service, the kiz offers corresponding software (Bitdefender Endpoint Security Tools). With current versions of Windows from version 10 onwards, however, there is no objection to using the Windows Defender Antivirus that is supplied with the operating system.
Personal Firewall (Desktop Firewall)
A personal or desktop firewall offers additional protection for a single-user computer. With this, you can protect yourself against port scans or unwanted connections by Trojans, for example. Please find out which products are available for your operating system. Often a personal firewall is part of the standard operating system and only needs to be activated or configured.
Avoid critical software
If possible, do not use software that is known to be regularly affected by security problems. This includes, for example, MS Internet Explorer or Adobe Flash. Java is also only recommended to a limited extent, but it can be difficult to do without it completely, depending on the application. In any case, make sure that all updates for your programmes are installed and that you always use the latest versions.
Appliances are, for example, printers, copiers, measuring and laboratory devices that you operate in your institution and that are integrated into computer networks. Information on how to operate these appliances securely can be found at the CERT of the University of Stuttgart. Pay particular attention to the point "Measures for the responsible operation of appliances".
Communication and Information Centre (kiz)