Here is an important password tip: Do not reuse your UMICH (Level-1) password. Try to set a unique password for each site and online service you use (or use a password manager), and never use your UMICH password for non-university accounts or services. Reusing passwords puts you at risk. There have been a number of data breaches outside… Read More »
As shown above, highlights of Cybersecurity month include: 9 virtual training sessions covering topics like privacy and data use, using Duo two-factor authentication, data classification, and more 4 virtual drop-in Q&A sessions with security analysts 1000+ people sent and received email with Virtru enhanced email security 22K+ MiWorkspace and MiServer managed systems have CrowdStrike Falcon installed for enhanced… Read More »
A new Duo option makes it easier to reactivate the Duo Mobile app when you get a new device. Prior to October 23, 2020, if you got a new smartphone or tablet and wanted to reactivate the Duo Mobile app on it, you needed to use an alternate method of Duo two-factor (such as a phone call) or… Read More »
Staff in the Shared Services Center (SSC) play an important role in properly handling sensitive institutional data, including data regulated by the Health Insurance Portability and Accountability Act (HIPAA). This past summer, the SSC decided it was time to update their HIPAA training, which they require annually of their staff. The SSC noticed that Information and Technology Services… Read More »
The Michigan Daily recently spoke to experts on campus — including Ravi Pendse, vice president for information technology and chief information officer, and Kyle Lindsey and Hanah Stiverson, two doctoral students who are working on a book with Professor Lisa Nakamura about Zoom-bombing — to compile a list of tips to ensure calls for classes or clubs remain… Read More »
Security at University of Michigan IT (SUMIT) 2020, ITS’s free annual event hosted during National Cybersecurity Awareness Month, goes online for SUMIT Reimagined. This series of informational events where members of the U‑M community can get help from IT experts on a variety of topics is entirely virtual this year. Check out a few of the events below and see… Read More »
Each October, ITS Information Assurance (IA) celebrates Cybersecurity Awareness Month by reminding members of the university community about their shared responsibility to protect themselves and the U and by sharing IT security and privacy tips.
U-M classes are overwhelming being taught remotely this semester. This means that some instructors may, for a variety of reasons, wish to record their classes. The Safe Computing website has guidelines for instructors who plan to record class activities. Recordings where students can be identified—from in-person sessions or remote instruction via Zoom, BlueJeans, or any other videoconferencing application—are:… Read More »
In the course “Cybersecurity for Future Leaders” (EECS 498 / PUBPOL 475), students will gain a better understanding of the science, technology, public policy, and national security considerations behind cybersecurity in order to protect the very tenets of democracy. Election security will be one of the course’s six focus areas this fall 2020. The course is taught from… Read More »
Make your U-M Gmail even more secure Information and Technology Services (ITS) is happy to announce that effective immediately, students, staff, and faculty have access to a new email security tool — Virtru. (Note: Michigan Medicine provides a similar capability for their email service). With Virtru, you can send end-to-end encrypted email to any address, prevent a forwarded email… Read More »
Ransomware is on the rise and you have an important role to play in protecting U-M!!! Cybercriminals and other threat actors continue to ratchet up ransomware attacks on universities, healthcare providers, and other organizations. This summer Michigan State University and the University of California San Francisco, among others, have reported recent attacks. Ransomware attempts often begin with a… Read More »
You can no longer request two-year SSL server certificates from ITS. Web browsers and devices from Apple, Google, and Mozilla will not trust any two-year certificate issued after August 30, 2020.
Next time you change or reset your UMICH (Level-1) password, you will need to meet new password strength requirements. Existing passwords are not affected by the new requirements and can remain as is. The new requirements align with current best practices and National Institute of Standards and Technology (NIST) guidelines for passwords. Given the sophistication of attempted attacks… Read More »
You can now use Duo two-factor protection with the U-M Virtual Private Network (VPN). With faculty, staff, and students already benefiting from Duo two-factor authentication at Weblogin, ITS is working to further extend this protection to other university services. Try it now on your personal computer Visit ITS: Getting Started With VPN and choose your operating system to… Read More »
Has a system you are responsible for been compromised? How would you know? What should you do? Almost all IT professionals at some time in their career have faced these questions. Information Assurance (IA) offers guidance for checking your systems for signs of compromise, or simply suspicious activity. Start by checking system and software logs for the following… Read More »
Some email scams are easy to spot. Other types of scams, like emails with forged or misleading sender addresses, can be harder to catch. Such emails are often referred to as “spoofed.” Scammers “spoof” by trying to make you think the sender is someone you know and trust in an attempt to get you to send money, disclose… Read More »
Wondering if that weird email you just got is a scam? Need to know how to get a new phone set up to do Duo two-factor authentication? Wondering how to secure your home network now that you are working and learning from home? Need to provide cybersecurity or privacy tips to a customer or colleague? You’ve got a… Read More »
You know to be wary of phishing emails and phone scams, but did you know that crooks also send text messages to steal your identity and money? These scams, called “smishing”—the word comes from SMS + phishing—appear to be increasing during the COVID-19 pandemic. Warning signs Consider any unexpected text message from an unknown number suspect. Smishes may… Read More »
If you are working from home, you may be using some of your personal devices to take care of U-M business. Make sure they are appropriately secured to protect yourself and U-M. If you access or maintain sensitive university data with your devices, you are responsible for securing them. See: Security of Personally Owned Devices That Access or… Read More »
ITS Information Assurance is seeing an increase in fraudulent emails that appear to come from U-M deans, employees and offices. These fraudulent emails use a practice known as “spoofing.” Different versions of these emails ask the recipient to: Quickly arrange for gift cards to cover a university expense Reply if you are available Make an immediate wire transfer… Read More »