Guidelines and Security Rules

Here, you will find the most important rules of conduct regarding safe computer use, as well as the latest leaflets and regulations on IT security at UZH.

General IT security principles

Rules for Safe Computer Use

 

Follow the applicable rules

  • Read up on the applicable rules and recommendations (e.g. REIM).
  • Be aware that you are personally responsible for your actions.
  • Respect the privacy of others.

Avoid the misuse of devices and passwords

  • Choose passwords that are difficult to guess and keep them secret.
  • Lock your device, log out of the system, or turn off the computer when you are away or do not need the device.
  • Never leave mobile devices (laptop, tablet, smartphone, etc.) unattended.

Act with foresight

  • Make sure that the virus scanner is updated regularly and do not switch off this important protection system under any circumstances.
  • Keep your operating system and applications up to date by installing regular updates and patches.
  • Switch off all programs and services that you do not need for your work.
  • Make regular backup copies of your data.
  • Only use programs and data that you are authorized to use and have a legally acquired license.

Use e-mail and the Internet with caution

  • Remember that links can connect to dangerous sites and that email attachments can contain malicious programs.
  • Handle programs and data downloaded from the Internet with care and observe the applicable regulations.
  • Ignore any request to disclose access data (username/password).
  • Close websites that display changing advertising offers as soon as you no longer need them.

Read up on cloud computing and social media

  • Check the legal terms and conditions of the supplier and clarify whether they are in accordance with the UZH regulations. The law of the storage location applies!
  • Employee and financial data, as well as data belonging to third parties that have a confidentiality agreement must not leave UZH. Not even in encrypted form.
  • Research data must remain accessible to UZH at all times in order to ensure traceability.

Report incidents immediately

  • Consider violations of integrity or confidentiality as one incident!
  • Report (possible) virus infections or any detected malware to your local IT Support team (administrative departments) or your IT Coordinator (institutes)!
  • Report security-related incidents immediately to the department responsible for you or your superior! The central reporting office is security@uzh.ch or telephone 044 634 3333. In sensitive cases, you may request a callback from the IT Security Officer.

Regulations

Regulations on the Use of IT Resources

Status: Resolution of the Executive Board of the University on 31. Oct. 2017

REIM (PDF, 156 KB)

Directives

Standards for Systems Operations

Status: Resolution of the Executive Board of the University on 27. Oct. 2006

Standards for Systems Operations (PDF, 90 KB)

Regulations on Collecting Logfiles

Status: Resolution of the Central IT

Collecting Logfiles (de) (PDF, 94 KB)

Network Decurity Directive

Status: Valid for Central IT. UZH-wide in consultation.

WNS (PDF, 274 KB)

Leaflets

Information Sheet on Using IT for

Students (PDF, 92 KB)

Information Sheet on Using IT for

Employees (PDF, 88 KB)

Information Sheet on Using IT for

IT Supervisors (PDF, 66 KB)

Leaflet on the Requests for Web Applications for

Applications managers and IT-Coordinators (DE) (PDF, 327 KB)

Information Sheet on E-Mail Awareness for

Employees and students (PDF, 493 KB)

Leaflet on the Destruction of Electronic Data for

Employees (DE)