The UBI-CERT is a central component of Bielefeld University's information security management.
The aim of the CERT* is to protect the university, its members and its infrastructure from negligent or illegal use of its IP addresses and resources. The members are organisationally assigned to BITS.
The UBI-CERT communicates directly with the IT supervisors, information security management and those affected as part of its tasks.
The services of the UBI-CERT are not limited to BITS, but are available to all departments and institutions of Bielefeld University.
The first point of contact for employees in the event of IT incidents and enquiries is the university's IT supervisors. A list of contact options for all departments / facilities can be found in the PEVZ under the following link.
*ComputerEmergency Response Team (CERT) (Computer Security Incident and Response Team)
Bundling the preventive, reactive and operational tasks of information security in one team is a critical success factor in ensuring Bielefeld University's resilience to information security incidents and cyber attacks. This is achieved by specialising and focusing on tasks. These tasks are:
Prevention
Preventive measures to ensure that security problems do not escalate into information security incidents.
UBI-CERT supports information technology operators in the identification and assessment of technical vulnerabilities through vulnerability scans and threat intelligence (strategic collection of information on potential threats, identified attack characteristics and actors).
Detection
Development of capabilities to recognise information security incidents in a timely manner, e.g. through central log data collection and evaluation or additional sensor technology, in order to initiate countermeasures and thus prevent negative effects as far as possible.
Reaction
Make preparations to limit the negative effects of an information security incident once it has occurred. Coordinate the handling of information security incidents.
Sustainability
Processing the findings from information security incidents ('lessons learnt') with the aim of contributing to the continuous improvement of information security management.
Further tasks
Other tasks of the UBI-CERT include administration and cooperation with the administrators of the central security services (EDR Malware Detection, Perimeter Firewall, etc.) in order to be able to act in the event of imminent danger.
In the internal area of the website for IT supervisors, there is special information and instructions for the IT supervisors of the departments/departments on the IT services offered by BITS.
These go beyond the normal information for end users on the BITS website and are also intended to support and facilitate the daily work of IT supervisors in information security contexts.
-> https://www.uni-bielefeld.de/intern/einrichtungen/bits/edv-betreuungen/
In the event of an actual information security emergency between 16:00 and 08:00, the university control centre must be alerted.
Regulations and guidelines that you must observe in your activities at the university can be found on the website of Information Security at Bielefeld University.
You can find the latest information on our BITS blog.
Information security processes can also be found in the internally accessible process portal.
This link provides a description of the CERT in accordance with RFC 2350.