The Information Security Office (ISO) continuously strives for daily operational excellence
to ensure the confidentiality, availability, and integrity of University of Utah information
technology systems and data through appropriate security resources and best practices.
RECENT NEWS
Cybersecurity Awareness Month: 4 steps to secure our world
Observed every October since 2004, Cybersecurity Awareness Month (CAM) aims to highlight some challenges that exist in the world of cybersecurity and provide straightforward, actionable guidance that anyone can follow to create a safe and secure digital world for themselves and others.
IT security tip: Turn on automatic updates
Outdated software is a common way for cybercriminals to gain access to your data and devices. The easiest way to update or patch your internet-connected device’s systems, software, and applications: Use the auto-update feature. For more information and other tips, visit this National Security Alliance webpage.
UIT Leadership Spotlight: Jake Johansen, chief information security officer
Johansen says it’s rewarding to help people make informed decisions regarding cybersecurity risks, especially ones they were unaware of, and avoid unintended consequences.
Announcement: Jake Johansen named chief information security officer
Duo 2fa Support
Some links require login.
- Duo Two-Factor Authentication (2FA): Overview
- Duo two-factor authentication (2FA): Setting up your account
- Duo Two-Factor Authentication (2FA): Adding/Changing a Device
- University of Utah two-factor authentication (2FA) webpage
Helpful Links
- Report phishing:
- Use the Phish Alert button
- Email as an attachment to phish@utah.edu
- Report a security incident
- U of U Policy 4-004: Information Security Policy — Questions? Contact ISO-GRC@utah.edu.
- Org chart: ISO comprises three areas — Enterprise Security; Governance, Risk & Compliance (GRC); and Identity & Access Management (IAM).
U of U IT News & Info
- UIT: Node 4
- ITS: Hardwired (login required)
IT Security advisories
Tips & resources
University-approved platforms for restricted and sensitive data
Due to the level of risk associated with restricted and sensitive data, the university has approved only a select number of platforms for those data types. Our IT security matrix provides an overview of some university and personal platforms (e.g., Adobe Creative Cloud, Canvas, Microsoft Copilot, and Zoom health care license) and the data types for which they are approved.
U of U virtual private networks
To access certain resources on the University of Utah network, campus employees and students who work or study remotely and hospital/clinics personnel who work remotely should use a secure virtual private network (VPN).
- Palo Alto Global Protect
- Departmental VPN
Secure those passwords!
Is your password secure enough?
Easy-to-guess, “weak” passwords are the main way criminals gain access to system information. Keeping passwords safe and hard to guess is critical to ensure information is not compromised.
Take a moment to review the University of Utah’s password requirements and guidelines.
Telecommuting? Follow these IT best practices.
Compared to working on campus, telecommuting can present different information security risks, especially when it comes to network security, data storage, and physical security. By following these best practices, you can help protect yourself and the university from cyberthreats.
FERPA: How to securely share and store student data
We created a couple of resources to help instructors and students understand which applications and devices can be used to share and store FERPA-protected data, especially as more of us use new platforms to learn, teach, and connect remotely.
IT security best practices for when you travel
Travel more securely whether you’re going on a roadtrip or on an international adventure. Tips include cybersecurity basics and temporary measures to better protect your information and devices while you are away from home.