IT-Security while working (mobile)
and using private devices

Mobile working is a challenge for employees and IT security. In the following, we have listed some recommendations for you. When using private devices for mobile working, there are a number of aspects to consider in addition.

In general, please note

Protection from unauthorized eyes

  • Set up a screen saver, preferably with password protection.
  • If you work with confidential data, take a seat in such a way that unauthorized persons cannot look at your screen, especially outside your office. Special screen protectors can be placed on laptops and mobile phones to prevent shoulder surfing.

Protection against unauthorized access

  • Secure your IT devices with a password, PIN or fingerprint.
  • Lock your computer, even if you only leave the workplace for a short time.
  • Protect your devices from theft:
    • lock your office door when you leave the room and the people you share the office with are also out of the room.
    • Don't let your mobile IT devices, such as a laptop or cell phone, out of your sight, especially when you're on the road. In the office, you can lock them in a cabinet.

Install software sparingly and keep it up to date

  • If possible, install only the software on your IT devices that you really use for your work.
  • Install a virus scanner .
  • Keep the software up to date.

Beware of suspicious mail or links

  • Keep emails closed that seem suspicious. Do not click on strange links.
    For more Information see Phishing .

Be careful with foreign USB sticks

  • If you are working in public networks, e.g. in the train or in a café, please log in to the TU Darmstadt network via the central VPN of TU Darmstadtfor data transfer..
  • Do not use VPN connections from other VPN service access , e.g. a central facility or the central administration.
By behaving correctly, you make a big contribution to information security in your workplace. This picture contains 9 typical mistakes that endanger information security. Can you find them?

You can find the solution as a small puzzle here (opens in new tab)

Note: the puzzle needs some time to load. You can also find the solution together with explanations in the following paragraph "Explanations for the solution ".

(1) Doors and windows are open: Computers and accessories could be stolen from the rooms.

(2) The screen and thus possibly confidential information can be viewed by unauthorized persons.

(3) A slip of paper with passwords is visible and could be misused by unauthorized persons.

(4) A DVD labeled “Save” is lying around accessible.

(5) Printouts and copies with confidential data are lying around at printers and copiers.

(6) Computers with a direct connection to the Internet can bypass the network protection provided by the central firewall.

(7) Malware can enter the corporate network through private data carriers (a DVD in the picture).

(8) Leaking liquids endanger the hardware.

(9) Smoking means fire hazard.

Please also read the general tips on IT security and information security.

Information and instructions on the use of private end devices for mobile work

  • Use an up-to-date antivirus protection, such as Windows Defender on Windows 10, or similar products. Please do not use Sophos of the TU Darmstadt for private purposes, as it does not update itself outside the TU network.
  • Back up your personal data on an external hard drive.
  • You remain responsible for avoiding the risk of loss of personal files, such as holiday pictures etc. – e.g. through a cryptotrojan or hardware defect.
  • Only use software that is currently supported and updated by the manufacturer.
  • Windows 7 and also Office 2010 are no longer supported. Therefore, the use of such a system should be avoided.
  • Use at least Windows 10 and Office 2013 or alternatives such as Linux as the operating system or LibreOffice as the Office alternative.
  • Use Hessenbox-DA exclusively with Only-Office.
  • Do not process documents locally on private computers.
  • Do not use the Hessenbox client on private computers. Hessenbox mirrors all files locally, which is why the confidentiality of the document cannot be guaranteed if used on private computers. There is also a risk of infecting your computer with viruses and spreading them.
  • Official documents must not be downloaded or stored on private computers.
  • Edit emails and appointments via webmail interface and do not download attachments to your private computer.
  • Instead of sending attachments, please store the documents in the Hessenbox, making them available to your colleagues for processing.
  • Do not send attachments from private computers via the webmail interface.
  • Always use the webmail interface. Do not use any other e-mail client on your private computer, as this will save the mailbox locally.
  • Generally act with caution and consideration.
  • Log in with private computers exclusively via the central VPN of TU Darmstadt.
  • Do not use VPN connections from other VPN service access , e.g. a central facility or the central administration.