Skip to content

The Information Security Office (ISO) continuously strives for daily operational excellence to ensure the confidentiality, availability, and integrity of University of Utah information technology systems and data through exploitation of appropriate security resources and best practices.


Recent NewsMore Security News

Digital security tip: Secure your home network

Digital security tip: Secure your home network

This holiday season, the Information Security Office recommends that members of the university community take a few minutes to improve the security of their home networks — especially if someone in their household receives a new tech device as a gift.

The U is implementing privileged access management. Here's why.
Your U credentials are invaluable. Here's guidance on how to protect them.

The U is implementing privileged access management. Here's why.

The university and its resources are under attack every day. However, by implementing stronger controls on privilege and on all accounts for those resources, we can make the attackers work much harder to move around.

Your U credentials are invaluable. Here's how to protect them.

A set of credentials is extremely valuable to a cybercriminal. You, however, can make them more difficult for an attacker to obtain by following the U’s password policies and IT security best practices.

Please state your U affiliation in inbound calls, voicemail greetings
Students face increasing phishing and other cyberattacks

Please state your U affiliation in inbound calls, voicemail greetings

When answering calls to your university phone number, please identify your affiliation with the University of Utah or University of Utah Health. Similarly, when recording voicemail greetings, please identify your U affiliation in the message.

Students face increasing phishing schemes and other cyberattacks

Due to a sharp increase in phishing and other types of cyberattacks targeting university student accounts, which have resulted in a growing number of compromised uNID accounts, students are strongly encouraged to proactively begin using Duo Security two-factor authentication (2FA).

tips & resources

University-approved platforms for restricted and sensitive data

Due to the level of risk associated with restricted and sensitive data, the university has approved only a select number of platforms for those data types. Our security matrix provides an overview of some popular platforms and the data types for which they are approved.


FERPA: How to securely share and store student data

We created a couple of resources to help instructors and students understand which applications and devices can be used to share and store FERPA-protected data, especially as more of us use new platforms to learn, teach, and connect remotely.

Flowchart: Is this platform safe? READ MORE

Telecommuting? Follow these IT best practices.

Compared to working on campus, telecommuting can present different information security risks, especially when it comes to network security, data storage, and physical security. By following these best practices, you can help protect yourself and the university from cyberthreats.


Using a VPN to access the campus network

To access certain resources on the University of Utah network, university employees and students working or studying remotely should use a secure virtual private network (VPN).

University of Utah VPN options:
  • Palo Alto Global Protect 
  • Departmental VPN


Phishing lessons

You realize it a moment too late: You fell for a malicious email, clicked a bad link, and entered your password on a suspicious site. You’ve just been phished! Now what?

If you click on a questionable link and enter login credentials, immediately change your password in the CIS portal — and in any personal accounts that may be compromised.


Secure those passwords!

Secure those passwords!

Is your password secure enough?

Easy-to-guess, "weak" passwords are the main way criminals gain access to system information. Keeping passwords safe and hard to guess is critical to ensure information is not compromised.

Take a moment to review the University of Utah's password requirements and guidelines.




Add an extra layer of protection to your university accounts

According to the FBI and U.S. Department of Homeland Security, higher education institutions are increasingly becoming a target for cybercriminals. Multi-factor authentication (MFA) decreases the chances of a security attack because the criminal cannot access data with your login credentials alone.

That’s where Duo two-factor authentication (2FA) comes in — the idea that you are authenticating your identity via two separate factors, one of which isn’t your password.


The University of Utah is a Data Privacy Day Champion!

The University of Utah is a Data Privacy Week Champion! Learn more about Data Privacy Week at Stay Safe Online, and stay tuned for tips and resources.


The Information Security Office is looking for engaged, enthusiastic Security Champs to help us strengthen university-wide information security risk management through education and collaboration.


Helpful Links

UofU IT News & Info

Security advisories



Last Updated: 1/10/22