The Information Security Office (ISO) continuously strives for daily operational excellence
to ensure the confidentiality, availability, and integrity of University of Utah
information technology systems and data through exploitation of appropriate security
resources and best practices.
It's Cybersecurity Awareness Month!
Recent NewsMore Security News
How to navigate FERPA and instructional technology
Although the U has offered instructional technology for a number of years, the transition to remote learning brought to the forefront concerns about using multiple platforms that may or may not be supported by the university. ISO's Governance, Risk & Compliance Associate Director Trevor Long and University Registrar Tim Ebner explain how to navigate the regulations.
Adobe Flash Player support ends on 12/31. Prepare now.
On December 31, 2020, Adobe will stop distributing and updating Flash Player — just short of its 20th birthday. While many major browsers will automatically disable Flash Player before then, users still may need to uninstall the software on their operating systems in order to prevent any security vulnerabilities.
IAM's Vaibhav Narula wins staff excellence award
To be cybersecure, we must all do our part
We're more connected than ever — at work, at school, at home. Unfortunately, that means our privacy and security are more at risk than ever, too. Data Security Analyst Ariel Baughman and Identity & Access Management Associate Director Chris Stucker share some advice on how U community members can be cyber smart this Cybersecurity Awareness Month and all year long.
tips & resources
University-approved platforms for restricted and sensitive data
Due to the level of risk associated with restricted and sensitive data, the university has approved only a select number of platforms for those data types. Our security matrix provides an overview of some popular platforms and the data types for which they are approved.
FERPA: How to securely share and store student data
We created a couple of resources to help instructors and students understand which applications and devices can be used to share and store FERPA-protected data, especially as more of us use new platforms to learn, teach, and connect remotely.
Telecommuting? Follow these security best practices.
Compared to working on campus, telecommuting can present different information security risks, especially when it comes to network security, data storage, and physical security. By following these best practices, you can help protect yourself and the university from cyberthreats.
Using a VPN to access the campus network
To access certain resources on the University of Utah network, university employees and students working or studying remotely should use a secure virtual private network (VPN).
- Cisco AnyConnect
- Palo Alto Global Protect
- Departmental VPN
Phishing lessons
You realize it a moment too late: You fell for a malicious email, clicked a bad link, and entered your password on a suspicious site. You’ve just been phished! Now what?
If you click on a questionable link and enter login credentials, immediately change your password in the CIS portal — and in any personal accounts that may be compromised.
Secure those passwords!
Is your password secure enough?
Easy-to-guess, "weak" passwords are the main way criminals gain access to system information. Keeping passwords safe and hard to guess is critical to ensure information is not compromised.
Take a moment to review the University of Utah's password requirements and guidelines.
Add an extra layer of protection to your university accounts
According to the FBI and U.S. Department of Homeland Security, higher education institutions are increasingly becoming a target for cybercriminals. Multi-factor authentication (MFA) decreases the chances of a security attack because the criminal cannot access data with your login credentials alone.
That’s where Duo two-factor authentication (2FA) comes in — the idea that you are authenticating your identity via two separate factors, one of which isn’t your password.
We're cybersecurity
awareness Month
champions!
The University of Utah and the Information Security Office is dedicated to promoting a safer, more secure, and more trusted internet.
SECURITY CHAMPS
The Information Security Office is looking for engaged, enthusiastic Security Champs to help us strengthen university-wide information security risk management through education and collaboration.
Helpful Links
- Report a security incident
- Report phishing to phish@utah.edu
- U of U Policy 4-004: Information Security Policy — Questions? Contact ISO-GRC@utah.edu.
- Org chart: ISO comprises four areas — Enterprise Security; Governance, Risk & Compliance (GRC); Identity & Access Management (IAM); and Security Assurance.
UofU IT News & Info
- UIT: Node 4
- ITS: Hardwired (authentication required)