Make your U-M Gmail even more secure Information and Technology Services (ITS) is happy to announce that effective immediately, students, staff, and faculty have access to a new email security tool — Virtru. (Note: Michigan Medicine provides a similar capability for their email service). With Virtru, you can send end-to-end encrypted email to any address, prevent a forwarded email… Read More »
Ransomware is on the rise and you have an important role to play in protecting U-M!!! Cybercriminals and other threat actors continue to ratchet up ransomware attacks on universities, healthcare providers, and other organizations. This summer Michigan State University and the University of California San Francisco, among others, have reported recent attacks. Ransomware attempts often begin with a… Read More »
You can no longer request two-year SSL server certificates from ITS. Web browsers and devices from Apple, Google, and Mozilla will not trust any two-year certificate issued after August 30, 2020.
Next time you change or reset your UMICH (Level-1) password, you will need to meet new password strength requirements. Existing passwords are not affected by the new requirements and can remain as is. The new requirements align with current best practices and National Institute of Standards and Technology (NIST) guidelines for passwords. Given the sophistication of attempted attacks… Read More »
You can now use Duo two-factor protection with the U-M Virtual Private Network (VPN). With faculty, staff, and students already benefiting from Duo two-factor authentication at Weblogin, ITS is working to further extend this protection to other university services. Try it now on your personal computer Visit ITS: Getting Started With VPN and choose your operating system to… Read More »
Has a system you are responsible for been compromised? How would you know? What should you do? Almost all IT professionals at some time in their career have faced these questions. Information Assurance (IA) offers guidance for checking your systems for signs of compromise, or simply suspicious activity. Start by checking system and software logs for the following… Read More »
Some email scams are easy to spot. Other types of scams, like emails with forged or misleading sender addresses, can be harder to catch. Such emails are often referred to as “spoofed.” Scammers “spoof” by trying to make you think the sender is someone you know and trust in an attempt to get you to send money, disclose… Read More »
Wondering if that weird email you just got is a scam? Need to know how to get a new phone set up to do Duo two-factor authentication? Wondering how to secure your home network now that you are working and learning from home? Need to provide cybersecurity or privacy tips to a customer or colleague? You’ve got a… Read More »
You know to be wary of phishing emails and phone scams, but did you know that crooks also send text messages to steal your identity and money? These scams, called “smishing”—the word comes from SMS + phishing—appear to be increasing during the COVID-19 pandemic. Warning signs Consider any unexpected text message from an unknown number suspect. Smishes may… Read More »
If you are working from home, you may be using some of your personal devices to take care of U-M business. Make sure they are appropriately secured to protect yourself and U-M. If you access or maintain sensitive university data with your devices, you are responsible for securing them. See: Security of Personally Owned Devices That Access or… Read More »
ITS Information Assurance is seeing an increase in fraudulent emails that appear to come from U-M deans, employees and offices. These fraudulent emails use a practice known as “spoofing.” Different versions of these emails ask the recipient to: Quickly arrange for gift cards to cover a university expense Reply if you are available Make an immediate wire transfer… Read More »
Are you creating new MCommunity groups to help you collaborate and stay in touch with people while working or learning remotely? Group owners are responsible for ensuring that members of their group have a good experience. The MCommunity Directory includes options to help you do that. If you own a group, your responsibilities include: Having a clear purpose… Read More »
Given the current infodemic related to the COVID-19 pandemic, it is harder than ever to get your important university information through to the people who need it. People are rightfully suspicious of unsolicited email, but that can sometimes cause them to ignore or delete your important, legitimate communications. Focus on helping recipients verify the legitimacy of your U-M… Read More »
To better help you secure your unit networks, ITS Information Assurance (IA) is increasing the frequency of its universitywide scans and adding internal network scanning. As of May, universitywide vulnerability scans are now performed monthly instead of quarterly. The monthly scans will be similar to previous quarterly scans. The software begins by performing a TCP and UDP probe… Read More »
To find out why people adopt and then sometimes abandon online safety measures, researchers from the School of Information surveyed more than 900 people about their use of 30 commonly recommended practices to guard against security, privacy, and identity theft risks. The team found that security practices like avoiding clicking on unknown links or emails were much more… Read More »
On any given day in Kevin Fu’s laboratory at the College of Engineering research investigators might use an antenna to fool the lab’s sensor into giving a false temperature readings or a laser light beam to inject false voice commands in a voice-controlled assistant from a distance of 300 feet. Unlike many cybersecurity troubleshooters, Fu is not looking… Read More »
ITS Information Assurance has rapidly developed a number of new Safe Computing resources to help you practice and promote good IT security and privacy practices in this new normal: New on Safe Computing and in IT Security at U-M. New resources covering videoconferencing security and privacy, coronavirus scams, how to prevent Zoombombing, new videos, new entries in the… Read More »
Check out this new IT Security Tips for When You Work from Home video from ITS Information Assurance. It covers securing your devices and connections, protecting your privacy, and watching out for phishing, scams, and fraud. Please share it with others who may find it helpful. For more details and links to resources for working securely from home,… Read More »
Watch for tax fraud during extended tax season With tax filing deadlines extended from April 15 to July 15, the risk of tax fraud is extended as well. Be alert for fraudulent phone calls and emails from scammers pretending to represent the IRS. See Safe Computing: Beware of Tax Fraud for examples and more information. Watch for scams… Read More »
When you share files or folders from Google Drive or Box, you can control the level of permissions granted to others. The U-M Collaboration Services team recommends using caution when you choose permissions for your files and folders to ensure the privacy and security of university data. This is especially true when collaborating with people outside of U-M.… Read More »