No matter what your job at U-M, you have a role to play in implementing the new information security standards and the revised Information Security (SPG 601.27) policy. Your responsibilities could include:
- Participating in data protection training
- Reporting suspected or actual IT security incidents
- Learning and using secure coding best practices
- Configuring systems to meet minimum security requirements
- Physically securing IT resources
- Ensuring that third-party vendors (including cloud providers) meet compliance requirements
- Meeting specified timelines for patching security vulnerabilities
- Updating pages about unit IT services to include information about compliance with the policy and standards
- And more
Information Assurance (IA) is hosting working sessions for members of the U-M community interested in learning more about the new requirements. Upcoming topics include network security; physical security; and access, authentication, and authorization.
If you missed earlier sessions, you can review the slides, questions and answers, and audio recordings on Safe Computing: