Information Security

According to the requirements of the "VwV Informationssicherheit" of the state of Baden-Württemberg, the kiz (as well as the university as a whole) has the task of establishing an Information Security Management System (ISMS) in order to guarantee basic IT protection according to the recommendations of the BSI for its central and mission-critical systems. The ISMS at the kiz is part of the service management based on the ITIL process model. The kiz has appointed two Information Security Officers (ISO) to implement the security concept, to comply with security guidelines and to organize and design the underlying security processes in its services and internal operational processes.

Due to the size and decentralised structure of the university, the IT managers of the various departments (e.g. in institutes, faculties, other operating facilities) are also obliged to take appropriate protection and awareness measures for the IT systems they operate and how to deal with them. The University has appointed a Chief Information Security Officer (CISO) as the main contact for all issues relating to information security. He is responsible for the strategic orientation of information security, controls and coordinates the information security process, among other things, and is responsible for implementing the central protection goals. The CISO also coordinates the preparation of an information security concept and other sub-concepts and guidelines.

The kiz and the CISO work closely together. The kiz explicitly provides the university with a number of services relating to IT security and provides a collection of best practice guides and instructions for security-conscious handling of IT applications. However, the content is oriented towards the use of the service portfolio of the kiz. The CISO is responsible for the recommendations, specifications, guidelines and questions on information security in the general context.

Best Practice Guides

News: Warning about emails with malware (including Emotet)

• Guideline Passwords
• IT Systems Guide
• Windows 10 Guide
• Virus Infestation Procedure Guide

These guides will be updated and extended.

Virus Protection

Our service includes the provision of an anti-virus software package for Windows users, the maintenance of a virus scanner on our central email server, and support in the cut-off process of infected devices.

Digital Certificates

A digital certificate is an electronic set of data - like a passport - which describes certain traits of a person or device and can be validated through cryptographic means. When creating a new certificate a private and a public key are computed. Flowingly, the public key is supplemented with further data about certain traits, for example the name of the certificate receiver, which are further confirmed by the certificate issuer with their own signature. The hereby resulting set of data or document is the digital certificate of the person or device. In accordance with the DFN-PKI (Deutsches Forschungsnetz - Public Key Infrastructure) the kiz can issue user or server certificates for members of Ulm University on the security level 'global'.

University Firewall

Ulm University's network is separated into several subnetworks, which are secured between each other and to the outside through firewalls. In case of the F&L network the firewall protection is limited.

Contact

Information Security at kiz

Guido A. Hölting & Florian P. Böck
Information Security Officers (ISO)
Phone: +49 (0)731 / 50 - 30300
Email: kiz(at)uni-ulm.de

Information Security at University

Florian Oberlies
Chief Information Security Officer (CISO)
Phone: +49 (0)731 / 50 - 25183
Email: ciso(at)uni-ulm.de