Beginning February 24, you will be able to reset your UMICH (Level-1) password yourself without having to remember answers to your security questions. Before you can reset your UMICH password online at UMICH Account Management, your identity must be verified. For several years that has been done through the use of pre-set security questions and answers along with… Read More »
Security is everyone’s responsibility. If you use your personal devices—smartphone, laptop, tablet, and so on—for work, you are responsible for appropriately securing and managing them, as well as for meeting the obligations described in Security of Personally Owned Devices that Access or Maintain Sensitive Institutional Data (SPG 601.33). Your unit may have additional restrictions beyond those found in… Read More »
You can deploy Passwordstate in your unit under a U-M license that covers use by U-M faculty, staff, and students on all U-M campuses. Passwordstate allows teams of people to access and share sensitive password resources and is typically used for managing elevated and administrative passwords, as well as passwords for smaller proprietary systems, such as research databases.… Read More »
Rolling out what it’s calling a “street view for cyberspace,” Censys—a tech startup based on technology developed at the university—has launched a commercially available version of its internet-wide scanning tool. Based on technology developed in the lab of computer science and engineering professor J. Alex Halderman, Censys continuously scans the internet, analyzing every publicly visible server and device.… Read More »
Beware: Identity thieves can file fraudulent tax returns in your name and steal your tax refund. Last year, criminals filed false returns for people across the nation, including several U-M employees. Information Assurance (IA) offers the following tips to help you protect yourself from identity theft and tax fraud: Turn on two-factor authentication for Weblogin to add extra… Read More »
Before you get rid of any device you have used to work with, store, or access sensitive university data, you must make sure it is securely erased (sanitized). This keeps university data—and your personal information—from falling into the wrong hands. University-owned devices Sanitization and disposal of MiWorkspace devices is handled by MiWorkspace staff. Others who are responsible for… Read More »
Shortened URLs, such as those from bit.ly and goo.gl, make it easy to type in a web address quickly but hard to tell where your web browser will actually take you. Before clicking a shortened URL, check for the full URL. Most URL shorteners—including those used at U-M—include a preview feature. In addition, there are several URL checkers… Read More »
Celebrate International Data Privacy Day with a host of faculty, staff, and student experts as they present Privacy@Michigan on Tuesday, January 30, 2–6:30 p.m., in Space 2435 of North Quad. Privacy@Michigan brings together faculty, researchers, students, and staff from different colleges, schools, and units across campus and aims to spark ongoing, multidisciplinary conversations about privacy’s role in society—here… Read More »
There’s a new address for reporting phishing emails at U-M: ReportPhish@umich.edu. Previously, people were asked to report phishing to the IT User Advocate at abuse@umich.edu, Information Assurance (IA) is now asking that these reports go to ReportPhish@umich.edu instead. We’ll use the new address for the UM-Ann Arbor campus, but Michigan Medicine is going to hold off on rolling out… Read More »
It takes the entire U-M community to help protect against cyber threats. That’s the message on posters sent to Security Unit Liaisons at the end of November. The 11 by 17-inch posters stress that IT security is a shared responsibility, and we all have a part to play. In particular, they urge people to secure and protect any… Read More »
Are you interested in providing anti-phishing education through self-phishing in your unit? If so, be aware that any U-M unit considering such an effort is expected to abide by self-phishing guidelines and norms from Information Assurance (IA). The guidelines are intended to contribute to the success of your anti-phishing efforts and to share IA expertise based in part… Read More »
The 13th annual Security at University of Michigan IT (SUMIT) was held on Thursday, October 19. More than 550 people attended SUMIT 2017 either in person at Rackham Auditorium or virtually via the live stream throughout the day. This number represents more than 170 universities, corporations, small businesses, and nonprofits from around the country. This year, the university’s… Read More »
With the holiday season just around the corner, you may be getting ready to do some online shopping. See Online Shopping Tips to Protect Your Personal Information on the Safe Computing website for tips to help you protect your personal information and devices when you shop online. The tips fall into three categories: Secure your environment Know who… Read More »
From July to September of this year, University of Michigan-Flint ITS, supported by the U-M Information Assurance Office (IA), conducted an awareness campaign on campus that resulted in a significant decrease in the number of users who fell for simulated phish emails. In addition to IA support, UM-Flint ITS groups that were also instrumental in this process included… Read More »
For the past thirteen years, Information Assurance (IA) has engaged UM-Ann Arbor students, including medical students, with a basic quiz designed to raise awareness of IT security issues. This year’s quiz resulted in the highest completion rate yet! From October 30 through November 3, 2017, a total of 7,864 students participated. This is 17 percent of those who… Read More »
A 2008 study estimated that it would take 244 hours a year for the typical American internet user to read the privacy policies of all websites he or she visits—and that was before smartphones with dozens of apps, cloud services, and smart home technologies. If you’re like most people, you don’t read them. Florian Schaub, assistant professor of information at… Read More »
Beware of so-called “vishing” phone scams meant to trick you into giving money or personal information to a criminal.
IT security is an ongoing priority for Michigan Medicine. Currently, several projects are focused on enhancements and upgrades to ensure the security of patient and personal data and services. Find out more about the following: Enterprise Identity and Access Management (EIAM) Program Network Admission Control (NAC) for the Wireless and Wired Networks Skype for Business mobile – Secure… Read More »
With massive data breaches like the one at Equifax (what to do if you are affected) constantly in the news, it sometimes feels as if we are under siege and helpless to defend ourselves. Yet we now have more power than ever before to control digital identity and important financial and other sensitive accounts. Take some time this… Read More »
Anti-phishing education is more important than ever. Learn how to recognize and deal with phishing in a new 10–15 minute online course.