Back to Course

Data Protection in the IT Department

0% Complete
0/0 Steps
  1. Introduction IT Security
    1 Topic
  2. Protection Goals
    4 Topics
    |
    1 Quiz
  3. Encryption and Signature
    3 Topics
    |
    1 Quiz
  4. Deletion of Data
    1 Topic
    |
    1 Quiz
  5. IT-Forensics
    1 Topic
    |
    1 Quiz
  6. Safety in the Network
    4 Topics
    |
    1 Quiz
  7. Attack Scenarios
    2 Topics
    |
    1 Quiz
  8. IT Security in the Overall Concept
    3 Topics
    |
    1 Quiz
  9. Cloud Computing
    1 Topic
    |
    1 Quiz
  10. IT Security Act and IT Communication
    2 Topics
    |
    1 Quiz
Data Protection in the IT Department Safety in the Network Further Protective Measures in the Network
Lesson 6, Topic 3
In Progress

Further Protective Measures in the Network

Lesson Progress
0% Complete

Secure Wi-Fi

A major problem when using Wi-Fi is that communication can be intercepted even from a great distance. Therefore, the confidentiality of transmitted data, e.g. emails, can be compromised if the communication is not encrypted. Many WLANs are still not or insufficiently encrypted.

Wi-Fi installations are susceptible to radio interference. The interference is caused by other devices or environmental influences. But they can also be deliberately provoked and ultimately lead to a loss of availability.

The appropriate measure depends on the respective application scenario of the Wi-Fi. For a Wi-Fi that is used to expand one’s own LAN, the following recommendations are particularly important:

  • Encryption of all communication via Wi-Fi using WPA2 if possible, transitionally also with WPA, or alternatively using a VPN.
  • Measures for access points by securing mobile clients  

Securing a VPN client

Even before the Corona pandemic, the workplace computer was the technical basis for using IT-supported workflows. Users can use the workplace computer to access local information or information available on the network, such as documents and e-mails, as well as services on the Internet. In order not to severely restrict the users’ ability to work with the workplace computer, it should only consist of the necessary hardware and software components that are required for the purpose of the computer. No further components should be installed for private use. Doing without additional components reduces the attack surface and the risk of software or configuration errors, backdoors or incorrect operation.

It is important to know what the computers is to be used for in order to come as close as possible to the goal of the minimal system.

What is therefore minimally required?

In everyday office life, the following applications are typically required:

  • A graphical user interface to interact with the computer
  • An e-mail programme for exchanging messages and Office packages
  • A browser for accessing content on the internal network and the Internet, and a calendar programme for managing appointments and meetings.

Secure use of e-mail

E-mail use is compromised in a few different ways. E-mails are used to spread malware such as viruses, worms and Trojan horses.

Spam e-mails are also a threat to the availability of the e-mail service.

In order to increase data protection security, the following measures can be added to make the use of e-mails more secure:

  • Anti-virus software that scans incoming and outgoing e-mails for malware.
  • An anti-spam software that recognises and sorts out unwanted e-mails
  • Anti-phishing software that blocks attacks that use fake emails to trick users into revealing confidential or personal information.
  • Personal firewall that filters all incoming and outgoing connections