May 15, 2019 update: You can once again use the Call Me option to receive Duo phone calls to Chinese (+86) numbers for two-factor authentication. Automated phone calls for Duo two-factor authentication are no longer being blocked to Chinese (+86) numbers. Duo worked with one of its telephony providers and the Chinese government to resolve the issue. China… Read More »
Information Assurance will soon introduce a “Report Phishing” button to the Outlook email system used within Michigan Medicine. The button will be handy way to report quickly and efficiently any email that seems a little “fishy.” Learn more on the HITS website.
U-M staff members, and a number of other IT security pros from Domino’s, and Washtenaw Community College, honed their IT security investigation skills at a March 27 Boss of the SOC (Security Operations Center) event held at U-M and sponsored by the U-M Information Assurance office and Splunk. Working in teams of four to five, participants assumed the… Read More »
Imagine not being able to log in to your U-M GMail and Calendar—or Box at U-M, Canvas, and more. That might have been a risk if an attacker had exploited a previously unknown Shibboleth vulnerability. Within minutes, the attacker could have broadly disrupted logins at U-M and across higher education. Thankfully, that didn’t happen. While doing a routine… Read More »
How do the new information security standards and the revised Information Security (SPG 601.27) policy affect your work? Information Assurance (IA) is hosting working sessions for members of the U-M community interested in learning about implementing the policy and standards. Upcoming sessions: Thursday, April 4 (1:30-3:30 p.m.). This session will cover Security Log Collection, Analysis, and Retention (DS-19)… Read More »
Turn on device encryption to help secure personal and institutional data at home and at work. Encryption protects against unauthorized access to data if your device is lost or stolen. Encryption is: Required for any personal device you use to access U-M data classified as High. https://www.safecomputing.umich.edu/protect-the-u/safely-use-sensitive-data/classification-levels Recommended for any device you use to access or store U-M… Read More »
Whether you are planning a vacation or professional trip, you will likely take along some combination of a smartphone, tablet, laptop, and other mobile devices. Follow these tips to safeguard both your own and the university’s data. Before you travel If you don’t need it, don’t travel with it. Plan which Duo options you will use and enroll… Read More »
U-M CIO Ravi Pendse was quoted in a recent article about how new cybersecurity intelligence suggests that Chinese hackers are ramping up their efforts to steal military research secrets from U.S. universities. According to a report in “The Wall Street Journal,” Chinese hackers targeted institutions and researchers with expertise in undersea technology as part of a coordinated cybercampaign… Read More »
Internet of Things (IoT) devices, such as smart home assistants, smart appliances, and gaming systems, can collect a lot of personal data about you—sometimes more than you might realize. Personal data about you and others who use and share such devices may be retained, used, and sold in unexpected ways. IoT devices usually send data to cloud storage… Read More »
Be smart and secure your home network so that only those you allow can access it. This protects your privacy and networked devices. There are two basic steps to securing your home network: 1. Update all your Internet-enabled devices with the latest operating systems, web browsers, and security software. This includes any devices that access your wireless network.… Read More »
If you use your personal devices—smartphone, laptop, tablet, and so on—for work, you are responsible for appropriately managing and securing them, as well as for meeting the obligations described in Security of Personally Owned Devices that Access or Maintain Sensitive Institutional Data (SPG 601.33). Your unit may have additional restrictions beyond those found in the SPG. Check with… Read More »
The IT Security Community and Michigan IT staff are invited and encouraged to attend an information session about vulnerability management and data & device disposal February 22.
Starting in January, the Information Assurance Michigan Medicine Education & Awareness Program began publishing monthly IT security awareness reminders titled “Cyber Safety — Review in 2.” The campaign’s goal is to increase awareness of key cybersecurity topics by presenting important information that can be reviewed in two minutes or less. To encourage the Michigan Medicine workforce to learn more about… Read More »
U-M Information Assurance (IA) offers tips to help you protect yourself from identity theft and tax fraud.
Miss out on Privacy@Michigan? Don’t worry, you can watch the recording and catch up on the online conversation. We’ve also uploaded digital copies of many of the printed handouts distributed at the event.
Do you long for more civility in social media, comment sections, and online discussions? Consider what you can do, and encourage others to be better digital citizens.
IT staff tasked with securing systems can now use a customized assessment tool to help them. Information Assurance (IA) has customized the Center for Internet Security Configuration Assessment Tool (CIS-CAT) for the university.
U-M’s network Intrusion Prevention System (IPS) now protects the recently launched MSetup wireless network from malicious internet traffic.
A toolkit is now available to help your unit comply with the General Data Protection Regulation (GDPR), which went into effect in May.
As U-M gets ready for Winter Break, remember that cyber attackers never take time off. The university takes measures to protect the institution’s data and systems no matter the time of the year.