Your role in implementing new info security standards

No matter what your job at U-M, you have a role to play in implementing the new information security standards and the revised Information Security (SPG 601.27) policy. Your responsibilities could include:

  • Participating in data protection training
  • Reporting suspected or actual IT security incidents
  • Learning and using secure coding best practices
  • Configuring systems to meet minimum security requirements
  • Physically securing IT resources
  • Ensuring that third-party vendors (including cloud providers) meet compliance requirements
  • Meeting specified timelines for patching security vulnerabilities
  • Updating pages about unit IT services to include information about compliance with the policy and standards
  • And more

Information Assurance (IA) is hosting working sessions for members of the U-M community interested in learning more about the new requirements. Upcoming topics include network security; physical security; and access, authentication, and authorization.

If you missed earlier sessions, you can review the slides, questions and answers, and audio recordings on Safe Computing: