Skip to content

The Information Security Office (ISO) continuously strives for daily operational excellence
to ensure the confidentiality, availability, and integrity of University of Utah information technology systems and data through appropriate security resources and best practices.


Square silver beads that spell "IRS SCAMS" sit on top of a W-4 tax form.

IT security tip: Prepare for tax season scams

Tax season is upon us and with it comes verdant hunting grounds for scammers and phishers. The Cybersecurity and Infrastructure Security Agency (CISA) has published a great series of tips and warnings to prepare you for phishing scams that target your income tax returns. The IRS will not:

  • Contact you via email, text messages, or social media
  • Threaten you with criminal charges
  • Ask for payment in the form of gift cards or other merchandise

And remember: If you receive a suspicious message in your UMail inbox, report it using the Phish Alert button or by forwarding it as an attachment to


A photo illustration of a white translucent shield with a keyhole overlaying a darkened image of the University of Utah's Park Building.

A smartphone is open to the TikTok mobile app.

Explainer: Physical and Facility Security Rule (4-004F)

Rule 4-004F outlines the requirements to protect university buildings, facilities, IT systems, network and power cables, and other university property, as well as U community members, from myriad threats.

CISO discourages non-work apps on U-managed devices

The University of Utah's chief information security officer cautions people using U-managed devices not to install or use any application that doesn’t serve a legitimate university purpose (e.g., research, teaching, and marketing and communications).

Light-green tinted photo illustration of a lock in front of an aerial view of the University of Utah campus.

The Duo logo

U cybersecurity program establishes unit-level tools and reporting

A multiphased, campus-wide cybersecurity initiative commissioned by the Office of the President and Board of Regents is now underway. The program involves the implementation of new cybersecurity tools at a college/department/ organization-level.

Duo Mobile ending support for Android 8/9 and iOS 13

Although installed versions of Duo Mobile will continue to work after February 9, users will be unable to download the latest version of the app on Android 8/9, iOS 13, and older operating systems, and Duo will no longer troubleshoot issues, push IT security updates, or provide maintenance fixes for those operating systems.

Helpful Links

UofU IT News & Info

Security advisories

ISO on Twitter

Tips & resources

University-approved platforms for restricted and sensitive data

Due to the level of risk associated with restricted and sensitive data, the university has approved only a select number of platforms for those data types. Our security matrix provides an overview of some popular platforms and the data types for which they are approved.


FERPA: How to securely share and store student data

We created a couple of resources to help instructors and students understand which applications and devices can be used to share and store FERPA-protected data, especially as more of us use new platforms to learn, teach, and connect remotely.

Flowchart: Is this platform safe? READ MORE

Telecommuting? Follow these IT best practices.

Compared to working on campus, telecommuting can present different information security risks, especially when it comes to network security, data storage, and physical security. By following these best practices, you can help protect yourself and the university from cyberthreats.


Using a VPN to access the campus network

To access certain resources on the University of Utah network, university employees and students working or studying remotely should use a secure virtual private network (VPN).

University of Utah VPN options:
  • Palo Alto Global Protect 
  • Departmental VPN


Secure those passwords!

Secure those passwords!

Is your password secure enough?

Easy-to-guess, "weak" passwords are the main way criminals gain access to system information. Keeping passwords safe and hard to guess is critical to ensure information is not compromised.

Take a moment to review the University of Utah's password requirements and guidelines.



IT security software available through OSL

IT security software available through OSL

With antivirus and firewall software, you can better protect your information and reduce the risk to your computers from malicious attacks. Both are available at a reduced cost through the U's Office of Software Licensing (OSL).

Licenses are available for university organizations, work-at-home staff and faculty, and student, faculty, and staff with personally-owned computers.


Last Updated: 2/22/23