Here, you will find the most important rules of conduct regarding safe computer use, as well as the latest leaflets and regulations on IT security at UZH.
General IT security principles
Follow the applicable rules
- Read up on the applicable rules and recommendations (e.g. REIM).
- Be aware that you are personally responsible for your actions.
- Respect the privacy of others.
Avoid the misuse of devices and passwords
- Choose passwords that are difficult to guess and keep them secret.
- Lock your device, log out of the system, or turn off the computer when you are away or do not need the device.
- Never leave mobile devices (laptop, tablet, smartphone, etc.) unattended.
Act with foresight
- Make sure that the virus scanner is updated regularly and do not switch off this important protection system under any circumstances.
- Keep your operating system and applications up to date by installing regular updates and patches.
- Switch off all programs and services that you do not need for your work.
- Make regular backup copies of your data.
- Only use programs and data that you are authorized to use and have a legally acquired license.
Use e-mail and the Internet with caution
- Remember that links can connect to dangerous sites and that email attachments can contain malicious programs.
- Handle programs and data downloaded from the Internet with care and observe the applicable regulations.
- Ignore any request to disclose access data (username/password).
- Close websites that display changing advertising offers as soon as you no longer need them.
Read up on cloud computing and social media
- Check the legal terms and conditions of the supplier and clarify whether they are in accordance with the UZH regulations. The law of the storage location applies!
- Employee and financial data, as well as data belonging to third parties that have a confidentiality agreement must not leave UZH. Not even in encrypted form.
- Research data must remain accessible to UZH at all times in order to ensure traceability.
Report incidents immediately
- Consider violations of integrity or confidentiality as one incident!
- Report (possible) virus infections or any detected malware to your local IT Support team (administrative departments) or your IT Coordinator (institutes)!
- Report security-related incidents immediately to the department responsible for you or your superior! The central reporting office is email@example.com or telephone 044 634 3333. In sensitive cases, you may request a callback from the IT Security Officer.
Status: Resolution of the Executive Board of the University on 27. Oct. 2006