How to Respond to IT Security Incidents

Security incidents can be triggered by a variety of hazards.

Safety measures that you can implement today

Prevention and information: Familiarize yourself with the safeIT campaign and our «Best Practice» recommendations. Use strong passwords (see bottom of post)

Self-help – act quickly

If you notice that your computer or mobile device is acting strangely, is inexplicably slow, or appears to have been compromised, act immediately. What does the term «compromise» mean? A system, database or even a single file is considered compromised if data might have been manipulated and if the system owner (or administrator) no longer has control over proper functioning or correct content, or whatever other goal the attacker has attained by manipulation (loosely translated – Wikipedia).

Contact your IT supporter or the Service Desk immediately and have your device checked as soon as possible.

Support & emergency measures

Contact your ISG (IT Support Group in your department) or the ITS Service Desk  immediately for help. The staff will help with analysis and cleaning of the compromised device. The Service Desk will either escalate your case to the responsible technical group or to our ITS security team or connect you with them.

In case of escalation our security team will close all security breaches and take all necessary and proportionate measures in answer to alerts from other trusted security agencies worldwide. The security team checks all related alerts to determine whether they are a threat to ETH Zurich’s IT. Publications, such as e.g. winsecnews (Windows Security for System Admins), inform user groups about vulnerabilities and necessary measures.

Posts in the ITS blog

 Use secure passwords

Refer to the IT brochure for staff  or students.

  1. Change password
    Choose a password that you can easily remember. For security reasons, it should contain at least 8 characters with upper and lower case letters, numbers and special characters. Change it often at irregular intervals. We recommend different passwords for various IT services.
  2. Password-disclosure / IT security
    Ignore any request to disclose login information. No reputable service supplier will ever ask you for your username or password by email! Make sure to logon to absolutely trustworthy web sites only. If in doubt, check with your IT Support contact first. More information on the subject of IT security can be found in our IT Awareness program «safeIT«.
  3. Forgot password
    For security reasons, we never issue passwords over the phone. However, you can register a secret question,  mobile phone number and alternate email address. This way the Service Desk can identify you and send you a new password. You can also contact the Service Desk or your department administrator and ask to pick up your new password personally.

Complex passwords – tips from ITS Service Desk

Complex and secure passwords are easy to create with a mnemonic:
WntyBopTd2w? (Why not take your bike or public transportation daily to work?)

◾ ITS blog post  «Guidelines for a Foolproof Password»
◾ ITS-Blog post «Das eigene nethz-Passwort richtig ändern» (German)
ITS site  with password rules «Password Rules for your Security»
safeIT-Cartoon «Avoid the misuse of systems and passwords »
safeIT Flyer

erstellt am
in News