Category Archives: Safe Computing

Visit the SafeComputing site for more information. Report a security incident. Subscribe to the Safe Computing RSS feed.

Michigan Medicine employees get new cybersecurity reminders

Starting in January, the Information Assurance Michigan Medicine Education & Awareness Program began publishing monthly IT security awareness reminders titled “Cyber Safety — Review in 2.” The campaign’s goal is to increase awareness of key cybersecurity topics by presenting important information that can be reviewed in two minutes or less. To encourage the Michigan Medicine workforce to learn more about… Read More »

Reminder on sensitive data in U-M Box

Box at U-M may be used with some types of sensitive data, including Protected Health Information (PHI), according to the U-M Sensitive Data Guide. You are responsible for using Box appropriately with sensitive university data and taking the necessary precautions. Sensitive data should be stored in a folder owned by a Shared Account. Please review Box: Working with… Read More »

Cryptocurrency mining risks and U-M restrictions

You may not use U-M resources—computers, networks, electricity—for cryptocurrency mining. Such use violates university policy and puts U-M services and data, and your personal accounts and devices, at risk. The Responsible Use of Information Resources (SPG 601.07) policy states that U-M resources may not be used “for personal commercial purposes or for personal financial or other gain.” The… Read More »

Protecting medical devices from cybersecurity threats

Medical devices capable of transmitting health information and connecting to Michigan Medicine’s networks offer improvements to the effective delivery of patient care, but they also may introduce privacy and security concerns. Michigan Medicine’s Information Assurance (IA) program has been raising awareness of these concerns and developing new approaches to address these vulnerabilities. As a major step, Michigan Medicine… Read More »

IA Chrome extension protecting LSA

About 2,100 managed systems in the College of Literature, Science, and the Arts (LSA) now have extra protection from malicious websites thanks to the Safe Computing Website Checker developed by Information Assurance (IA). The extension protects people from some types of malicious websites when browsing the web with Chrome. “Utilizing Group Policy Management (GPO) we have deployed this… Read More »

Only store sensitive data in approved services—check the guide!

Do you work with sensitive data? Any time you are thinking about using a storage or collaboration service for sensitive university data—whether in the cloud or at U-M: Check the Sensitive Data Guide first to see which services are approved for your data type. If the service you want to use is not listed in the guide, ask… Read More »

Students show security know-how and win prizes

For the past 14 years, Information Assurance (IA) has engaged UM-Ann Arbor students, including medical students, with an online quiz designed to raise awareness about IT security issues and promote good IT security practices. This year’s quiz resulted in the second highest completion rate yet! From October 29 through November 2 a total of 7281 students participated. This… Read More »

ITS begins work on CUI proof of concept

The University of Michigan has been working on a effort to ensure that the university is compliant with the new regulations concerning the use of Controlled Unclassified Information (CUI). The next step is to develop a CUI public cloud strategy and proof of concept in AWS. That is where the ITS Cloud Infrastructure Transformation Program (CITP) technical team… Read More »

U-M Information Security policy: Revised and approved

The revised University of Michigan Information Security policy (SPG 601.27) recently was approved, along with a number of new information technology standards. The policy and accompanying standards represent the most comprehensive revision of the institution’s information security program since its inception over a decade ago. SPG 601.27 and the standards are based on a cybersecurity risk management framework that… Read More »