Skip to content

The Information Security Office (ISO) continuously strives for daily operational excellence
to ensure the confidentiality, availability, and integrity of University of Utah information technology systems and data through appropriate security resources and best practices.


An illustration of a blue key on a black background with various semi-transparent blue letters and numbers around it.

Explainer: Data Classification and Encryption Rule

The University of Utah’s Data Classification and Encryption Rule (4-004C), which supports Information Security Policy (4-004), outlines how to protect the U’s data through classification, encryption, and retention. 

A glowing blue lock with an email icon as the square part, on a black background.

Neon pink, purple, and blue outlines of shields nestle inside each other on a black background.

Digital security tip: How
to avoid gift card scams

If someone asks you to pay them with a gift card, it’s probably a scam. Always verify their identity by contacting them using a known or trusted source, such as a phone number or email address you have on file, or information that has been published on their organization's website. Legitimate utilities, tech companies, and government agencies will never ask you to pay them with a gift card.

A few simple actions make it easy to stay safe online

You are not powerless against online threats and attacks. In fact, a few simple actions can make a big difference toward securing your data and devices. For Cybersecurity Awareness Month, the Information Security Office will share some IT security best practices and resources to get you started.

A glowing blue lock with an email icon as the square part, on a black background.

A compass with the word "risk" to the northwest and the arrowing pointing north at "security."

Cisco email encryption service to be upgraded

The University of Utah will upgrade the Cisco Secure Email Encryption Service (CSEES, formerly Cisco Registered Envelope Service) to make it easier to access encrypted emails. After the change, email recipients will no longer need to create a CSEES account to access encrypted emails and attachments.

Explainer: Information Security Risk Management Rule

Rule 4-004B, which establishes the U’s information security risk management program, outlines how the university will secure IT systems that interact with university data and provides guidance on how to assess, prepare for, and handle information security risks.



Helpful Links

UofU IT News & Info

Security advisories


Tips & resources

University-approved platforms for restricted and sensitive data

Due to the level of risk associated with restricted and sensitive data, the university has approved only a select number of platforms for those data types. Our security matrix provides an overview of some popular platforms and the data types for which they are approved.


FERPA: How to securely share and store student data

We created a couple of resources to help instructors and students understand which applications and devices can be used to share and store FERPA-protected data, especially as more of us use new platforms to learn, teach, and connect remotely.

Flowchart: Is this platform safe? READ MORE

Telecommuting? Follow these IT best practices.

Compared to working on campus, telecommuting can present different information security risks, especially when it comes to network security, data storage, and physical security. By following these best practices, you can help protect yourself and the university from cyberthreats.


Using a VPN to access the campus network

To access certain resources on the University of Utah network, university employees and students working or studying remotely should use a secure virtual private network (VPN).

University of Utah VPN options:
  • Palo Alto Global Protect 
  • Departmental VPN


Secure those passwords!

Secure those passwords!

Is your password secure enough?

Easy-to-guess, "weak" passwords are the main way criminals gain access to system information. Keeping passwords safe and hard to guess is critical to ensure information is not compromised.

Take a moment to review the University of Utah's password requirements and guidelines.



IT security software available through OSL

IT security software available through OSL

With antivirus and firewall software, you can better protect your information and reduce the risk to your computers from malicious attacks. Both are available at a reduced cost through the U's Office of Software Licensing (OSL).

Licenses are available for university organizations, work-at-home staff and faculty, and student, faculty, and staff with personally-owned computers.


Last Updated: 11/16/22