This site requires JavaScript to be enabled
EPFL -> Security


VPSI (Vice Presidency of Information Systems) IT Security is responsible for the protection and integrity of our information system.It ensures the operation of the appropriate technical infrastructure (antivirus software, web filters, DIODE, etc.) and handles all IT security incidents, from simple phishing to crisis management.The unit can also help you with your projects, provide advice on security aspects, issue digital certificates or conduct or organize security audits.The team is currently made up of three part-time security engineers, and an Information Systems Security Manager with a more strategic role.

Please also consult our guide on "IT Security -How to be prepared for cyber attacks"


Available services

AntivirusAll Windows work machines, whether computers or servers, must have the School's official antivirus software: McAfee VirusScan.
DIODEThe DIODE project is aimed at making our network more reliable and secure by closing outside access to computers that are only clients (personal computers) and limiting the number of servers that need to remain visible from the outside, but which are therefore exposed to attacks.
IT security auditVPSI IT Security is able to carry out security audits on your servers and applications at a technical or conceptual level (analysis of procedures and compliance with laws in effect). Whenever possible, these audits are conducted in-house but we can also provide support to organize audits carried out by outside service providers. This second option is preferred when the task exceeds our area of expertise and/or if available resources are incompatible with the time needed to carry out the audit.
IT Security SupportManagement of all IT security related incidents, whether involving suspicious email, an infected computer, data hostage taking, if a key element of your infrastructure is compromised or any security problem that could impact EPFL's reputation.
SafeNetSafeNet provides protected computer networks to hosts that, for technical or administrative reasons, cannot be sufficiently protected (via antivirus) and/or kept up to date.
Server certificateA public key certificate (also known as a digital certificate) is like a digital identity card. It is mainly used to identify and authenticate an individual or entity, or to assess exchanges. It is signed by a trusted third party who authenticates the relationship between the physical identity and the digital (virtual) entity. The most widely used standard for creating public key certificates is X.509.
Web ProxyThis service provides limited and filtered Internet access from on-campus machines which generally have a private IP address, such as virtual machines of the View infrastructure, sensitive computers (e.g. those used to operate measurement devices) or public access computers.