IT Security – Risky Business?

Confronting a dreadful situation: having to delete 500 spam emails every morning. However, without the IT Services (ITS) this would be the awful reality for many people. Obviously this is not solely a matter concerning ETH IT security teams. ETH relies on every individual, since the greatest potential for reducing security risks comes from active participation of each and every user.

safeIT Awareness Campaign

At ETH Zurich as in any other large company, the integrity of the IT infrastructure is more important than ever. Many processes in research and teaching are dependent on a functioning IT structure. Imagine your workday without IT and you will quickly realize how handicapped you’d be. Consequently, the ETH Executive Board has commissioned the ITS to launch a safeIT awareness campaign. safeIT helps to ensure safe handling of your IT resources and familiarize you with important security issues.

IT House Rules at ETH Zurich

The following eight basic IT rules apply to the entire ETH and are to be regarded as an aid in regulating daily use of IT resources at ETH Zurich. The „IT Awareness Cartoon Videos“ or the safeIT Flyer help remind you of these rules.

  1. Adhere to applicable rules
  2. Avoid the misuse of systems and passwords
  3. Think and act with foresight
  4. Handle information and systems with care
  5. Use only legally obtained (licensed) products
  6. Use email and Internet cautiously
  7. Report incidents immediately
  8. Learn about cloud computing and social media

IT Services Security Teams

ITS User Services, Mail/Directories

The ITS mail team manages over 20,000 ETH mail accounts via the Exchange server. An antivirus program prevents the introduction of malware and viruses and spam filtering removes unwanted emails.

ITS ICT Networks, Network Security Group

The ITS ensures network security at ETH Zurich by monitoring network and system installations to prevent the misuse of data and infrastructure. The Network Security Group (NSG) supports ETH members with all issues relating to system security of computers and network zones. The NSG can also provide security analysis of (web) applications and system installations. Additionally, the team regularly posts security bulletins and runs the safeIT security awareness campaigns.

ITS Management, Quality and Process Management

Information security is a vital matter for every IT service provider and this certainly holds true of the IT Services at ETH. The Quality Manager is responsible for definition and description of processes as well as safety and risks. He supports ETH projects in an advisory capacity and provides business impact analysis to selected professors and departmental employees.

Too terrible to contemplate….

ETH Zurich relies on the responsibility of all its members. We must all be committed to avoid scenarios which could produce headlines as the ones below:

  • “Spam attack originates from a Swiss university
    Investigations into the recent spam attack point to computers at ETH Zurich. The relevant ETH server has been disconnected from the Internet and cannot be accessed until further notice ….. “
  • “Prosecutor orders criminal investigation against several ETH employees
    Investigations by the cantonal police substantiated a strong suspicion of data breach…..”
  • “Hackers bring ETH to its knees
    For weeks, hackers have been massively disrupting the IT infrastructure and disturbing service stability at ETH Zurich….. “
  • “ETH Board forewarns ETH President and dismisses its IT Management with immediate effect
    IT is too expensive and unstable and security is inadequate, according to the spokesperson of the ….. “
  • “ETH Zurich could not maintain last year’s ranking
    In the international ranking of universities, ETH has dropped to position 79 ….. “
  • “Manipulated exam results
    Due to inadequate security measures, students at ETH Zurich could easily manipulate their exam marks…..”

Posted on
in News English