To improve security, ITS will upgrade Kerberos to version 1.18 in summer 2021 (likely in August). The upgrade will disable support for Data Encryption Standard (DES), which is an insecure and deprecated encryption type.
Just five years ago, most websites relied on unencrypted HTTP, the aging and inherently insecure protocol that provides no protection to sites or visitors from threats that range from surveillance through phishing and identity theft. Today, the internet is a much more secure place, with over 80% of websites protected by HTTPS secure encryption. That dramatic transformation –… Read More »
Each October, ITS Information Assurance (IA) celebrates Cybersecurity Awareness Month by reminding members of the university community about their shared responsibility to protect themselves and the U and by sharing IT security and privacy tips.
The percentage of websites protected with HTTPS secure encryption—indicated by the lock icon in the address bar of most browsers—has jumped from just over 40% in 2016 to 80% today. That’s largely due to the efforts of Let’s Encrypt, a nonprofit certificate authority co-founded in 2013 by J. Alex Halderman, a U-M professor of computer science and engineering.… Read More »
UM-Dearborn ITS has kicked off a new initiative to encrypt users’ endpoint devices (laptop and desktop computers). This effort dramatically improves the way UM-Dearborn secures its endpoints, and the data and services they touch. In addition, it helps bring campus in line with U-M IT security policies and standards. The effort initially rolled out to two departments that… Read More »
Turn on device encryption to help secure personal and institutional data at home and at work. Encryption protects against unauthorized access to data if your device is lost or stolen. Encryption is: Required for any personal device you use to access U-M data classified as High. https://www.safecomputing.umich.edu/protect-the-u/safely-use-sensitive-data/classification-levels Recommended for any device you use to access or store U-M… Read More »
The CA/Browser Forum is a group of SSL certificate authorities and web-browser developers who work to set standards for SSL encryption. A new CABforum rule going into effect March 1, 2018 will shorten the maximum lifetime of SSL certificates from all commercial certificate authorities. After that time, certificates obtained via the ITS “Web Application Sign-up Page” can have… Read More »