What’s your part in cybersecurity as an HCU-member?

You can take some measures that you only have to set up once and from then on, they add to our cybersecurity.

It’s always important to be cautious while navigating the Internet. For the cases where this is not enough HCU provides you with an antivirus software.

All your work devices already have an antivirus solution installed so you don’t have to take action there. To protect your private devices as well (whether you use them to study, for work or just privately) the HCU provides you with a premium antivirus software for free.
You can learn how to get access and how to install the program here: en/informationssicherheit/virenschutz

We all have to enter our password to unlock our computer so other people can’t use it without our knowledge.
What many people don’t know is that the password that is required to unlock your computer does not protect your data as well. Attackers can’t use the programs installed on your pc so they can’t write an e-mail pretending to be you. But they could dismount your drive and use a cheap adapter to gain access to all the files you have saved.

To protect your files as well you can activate disk encryption. With that you set a password that not only guards the access to your computer but encrypts the files as well. This password does not have to be entered every time you open a file but is asked if someone wants to access the drive without unlocking the computer first.

On all work devices managed by HCU-IT disk encryption is enabled by default. If you want to enable it on your own private device as well there are several options. Your operating system has one built in: Windows has integrated this functionality via “Bitlocker”, with Apple you can use “FileVault” and under Linux “LUKS” is there for you.

These measures don’t need your full attention but rather you should think about them along your usual activities.

Several phishing attacks reach the HCU, some targeted and some more widespread. If a specific phishing mail is occurring more often, we can warn about it on our website and via the mailing list.

If you receive a phishing e-mail, you can send it to us and we’ll take the appropriate next steps. Just forwarding the mail is not sufficient since some important details go missing this way. Below this text you’ll find a PDF where the safe way to send phishing mails is described in detail.

In addition to your login with e-mail-address and password you can add a second factor. This is a code on your smartphone that refreshes every 30 seconds or a physical security stick.
Two factor authentication (2FA) makes it more difficult for attackers to gain access to your account since they would need your code or physical device as well.

You can get more information on two factor authentication and how to enable it at en/informationssicherheit/2fa

If you’re looking at even more security, take a look at passkeys. Passkeys are a new way to securely login online. They have to be set up once and can subsequently be used when logging in. The validation of your identity happens via biometric markers (fingerprint or face scan). Remember to back up your passkeys in case you lose access to your original device.

Passkeys offer several advantages:

• You don’t have to remember complicated passwords anymore.
• A passkey can’t be too short or insecure.
• A password can be stolen, your finger or face not.
• Passkeys are resistant to phishing.

you can get more information (in German) about passkeys on the Federal Office for Information Security website: Schafft die Passwörter ab?!

As written above you can use certificates to make your e-mails more trustworthy. To make this effective it’s important that people know about this and actually use it. You could talk with your colleagues about certificates and encourage them to use it (especially with the ones you mail often with).