The Information Security Office (ISO) continuously strives for daily operational excellence
to ensure the confidentiality, availability, and integrity of University of Utah
information technology systems and data through exploitation of appropriate security
resources and best practices.
RECENT NEWS
Time is ticking on Windows 7.
Don't panic, but do make a plan — that’s the message that Windows 7 users should heed before January 14, 2020, when the popular operating system will reach its end of life (EOL). On that date, Microsoft formally ends "extended support" — free patches for security issues and bugs — and leaves unsupported PCs exposed to exploits.
"The cost of an incident is significantly higher than the cost of upgrading to Windows 10. It's not a risk worth taking," said Dustin Udy, Security Assessment team lead in UIT's Information Security Office (ISO).
CISO ROACH PRESENTS
ON ACADEMIC FREEDOM, DATA SECURITY AT SAINTCON
The annual SAINTCON (Security Advisory and Incident Network Team Conference) features presentations and activities that provide various levels of security instruction and training, from fundamentals to advanced techniques.
It’s not unusual to find UIT employees at the Provo conference, either as attendees or speakers. This year, Chief Information Security Officer Corey Roach spoke during the leadership track.
.
UIT LEADERSHIP SPOTLIGHT: COREY ROACH, CHIEF INFORMATION SECURITY OFFICER
Roach began his career at the university as a technical liaison during the construction of student housing and the University Guest House in Fort Douglas for the 2002 Olympic Village. Then he stayed on to manage technology across the 75-acre site.
He most enjoyed the challenge of the security aspect of technology, so when an opening became available in the university's fledgling Information Security Office, he lobbied hard to get the spot. He must have called and emailed the manager of the group every other day for a month.
tips & resources
Phishing lessons
You realize it a moment too late: You fell for a malicious email, clicked a bad link, and entered your password on a suspicious site. You’ve just been phished! Now what?
If you click on a questionable link and enter login credentials, immediately change your password in the CIS portal — and in any personal accounts that may be compromised.
Secure those passwords!
Is your password secure enough?
Easy-to-guess, "weak" passwords are the main way criminals gain access to system information. Keeping passwords safe and hard to guess is critical to ensure information is not compromised.
Take a moment to review the University of Utah's password requirements and guidelines.
Add a layer of protection
to your university account
According to the FBI and U.S. Department of Homeland Security, higher education institutions are increasingly becoming a target for cybercriminals. Multi-factor authentication (MFA) decreases the chances of a security attack because the criminal cannot access data with your login credentials alone.
That’s where Duo two-factor authentication (2FA) comes in — the idea that you are authenticating your identity via two separate factors, one of which isn’t your password.
SECURITY CHAMPS
The Information Security Office is looking for engaged, enthusiastic Security Champs to help us strengthen university-wide information security risk management through education and collaboration.
We are an official Champion of Data Privacy Day (January 28, 2020) — are you? Find out more at Stay Safe Online.
Helpful Links
- Report a security incident
- Report phishing to phish@utah.edu
- U of U Policy 4-004: Information Security Policy — Questions? Contact ISO-GRC@utah.edu.
- Org chart: ISO comprises four areas — Enterprise Security; Governance, Risk & Compliance (GRC); Identity & Access Management (IAM); and Security Assurance.
UofU IT News & Info
- UIT: Node 4
- ITS: Hardwired (authentication required)