Information Security Commissioner

The main objective of information security at the university is to effectively protect information and IT systems and to ensure confidentiality, integrity and availability. In doing so, unauthorised access and manipulation of data should be prevented, regardless of whether they are personal or not. IT security is an important sub-area of information security and focuses on the protection of electronic information and the reliability of IT systems.

The University of Applied Sciences Potsdam (FHP) attaches great importance to adhering to information security guidelines and standards in order to ensure the security and protection of information. In doing so, the FHP is guided by both national and international standards and laws.

• Information security policy of the university
• BSI IT basic protection
• ISO 2700X series

Security incident reporting is an important aspect of information security at our university. If you encounter or suspect a possible security incident, please do not hesitate to report it. Your report will help ensure the security of our information systems and minimise potential damage.

To report a security incident, please use the online form. The form will allow your report to be processed quickly and efficiently.

Please consider the following points when reporting a security incident:

• Describe the incident or suspicion as accurately as possible.
• Provide all relevant information and evidence, if available, e.g. screenshots, emails or log files.
• Be brief and precise to enable your report to be processed quickly.

For urgent security incidents that require immediate attention, you can contact the information security commissioner directly. Contact information for the information security commissioner can be found at the bottom of this page.

Your reports will be kept confidential and shared only with the appropriate parties within the university to investigate the incident and take appropriate action. Your proactive assistance helps to continuously improve information security at our university.

Continuous training and development of staff and students in the area of information security is important. In this context, we will offer training, online courses and other resources in the future to raise awareness of information security and promote skills in dealing with security-related issues.

From Q3 2023, the university will provide a comprehensive online training offer on information security. This offering includes courses, webinars and interactive learning materials tailored to the needs of staff and students. Further information on the training offerings and registration options will be announced on this website in good time.

The online training modules and webinars will cover topics such as data protection, safe surfing, password security, phishing detection and defence, and endpoint protection. The trainings will be offered for beginners as well as for advanced users in order to cover different levels of knowledge.

Below is a list of recommended resources that can help you implement safe online behaviour and data protection in your everyday life:

• BSI for Citizens
• Security tips from the consumer advice centre
• Phishing check of websites
• Online virus scanner – Virustotal
• OWASP Top Ten Project

These resources are intended as supplementary sources of information and do not replace attendance at training courses and webinars offered by the university.