Tag Archives: security

Video: Interview with Sol Bermann, U-M CISO

By | July 24, 2019

Sol Bermann, executive director of information assurance and chief information security officer (CISO) for U-M, was recently interviewed by “EDUCAUSE Review” about the growing need for privacy management, the policies and laws in place to protect our privacy, and how big data has changed the game. In a wide-ranging interview, Bermann discusses: The difference between a chief privacy… Read More »

Bermann named Chief Information Security Officer

By | July 18, 2019

Sol Bermann, J.D. was named executive director of Information Assurance and chief information security officer (CISO) for the University of Michigan in June 2019. He served as U-M’s interim chief information security officer during the 2014/15 and 2017/19 academic years. Since joining the university in 2011, Bermann has served as the university’s interim CISO, university privacy officer, and… Read More »

Dissonance events explore tech-based policy and legal subjects

Technology changes at an ever-increasing rate, almost always outstripping policy, privacy, security, and legal considerations. ITS Information Assurance (IA) collaborates with faculty, researchers, students, and external industry experts to create a forum, Dissonance, for public discourse on the tensions surrounding technology, policy, privacy, security, and law.

Better protection for U-M networks

ITS began implementing components of a greatly enhanced network security threat detection and mitigation system in late June. This approach combines cutting edge technologies, open source tools, and U-M’s MITN threat intelligence framework to provide a security solution that scales across U-M networks. It will allow ITS to:  Detect and mitigate network threats across more U-M networks.  Extend… Read More »

U-M IT security posture information published

Have external collaborators, granting agencies, or vendor partners ever asked you for information about the university’s IT security posture? ITS Information Assurance has pulled together an overview of how we secure U-M into one document to help you answer those questions: U-M IT Security Posture (U-M login required)Note: IT security and compliance is a shared responsibility. This document… Read More »

Review your MCommunity privacy settings

Your profile Your MCommunity profile shows only information related to your U-M affiliation. For U-M staff members, publicly viewable information includes: name, uniqname, email address, U-M affiliation, title, and U-M work phone number and address. You can choose privacy settings for additional information about yourself, such as your notice or description. You can choose whether the additional information… Read More »

Blue unicorns: The U-M alums who founded Duo Security

By | May 14, 2019

Co-founded by U-M alums Dug Song and Jon Oberheide, Ann Arbor-based Duo Security sold late last year for $2.35 billion. As one of fewer than 150 privately held companies in the U.S. worth more than $1 billion (known as “unicorns”), Duo became incredibly successful in part by adhering to values besides the bottom line, such as inclusion and community. … Read More »

Unhackable: New chip stops attacks before they start

By | May 6, 2019

A new computer processor architecture developed at U-M could usher in a future where computers proactively defend against threats, rendering the current electronic security model of bugs and patches obsolete. Called MORPHEUS, the chip blocks potential attacks by encrypting and randomly reshuffling key bits of its own code and data 20 times per second—infinitely faster than a human… Read More »

Your role in implementing new info security standards

No matter what your job at U-M, you have a role to play in implementing the new information security standards and the revised Information Security (SPG 601.27) policy. Your responsibilities could include: Participating in data protection training Reporting suspected or actual IT security incidents Learning and using secure coding best practices Configuring systems to meet minimum security requirements… Read More »

UM-Dearborn implements encryption program

UM-Dearborn ITS has kicked off a new initiative to encrypt users’ endpoint devices (laptop and desktop computers). This effort dramatically improves the way UM-Dearborn secures its endpoints, and the data and services they touch. In addition, it helps bring campus in line with U-M IT security policies and standards. The effort initially rolled out to two departments that… Read More »

Halderman co-chairs new commission to protect Michigan votes

By | March 26, 2019

Michigan Secretary of State Jocelyn Benson recently announced a new Election Security Commission to be co-chaired by U-M professor of computer science and engineering J. Alex Halderman. His work in voting security and in particular electronic voting machines has positioned him as a preeminent expert in the field. Halderman has made multiple contributions to election security advocacy at… Read More »

Learn about implementing new info security standards

How do the new information security standards and the revised Information Security (SPG 601.27) policy affect your work? Information Assurance (IA) is hosting working sessions for members of the U-M community interested in learning about implementing the policy and standards. Upcoming sessions: Thursday, April 4 (1:30-3:30 p.m.). This session will cover Security Log Collection, Analysis, and Retention (DS-19)… Read More »

Encrypt your devices and data

Turn on device encryption to help secure personal and institutional data at home and at work. Encryption protects against unauthorized access to data if your device is lost or stolen. Encryption is: Required for any personal device you use to access U-M data classified as High. https://www.safecomputing.umich.edu/protect-the-u/safely-use-sensitive-data/classification-levels Recommended for any device you use to access or store U-M… Read More »

Tips for traveling safely with technology

Whether you are planning a vacation or professional trip, you will likely take along some combination of a smartphone, tablet, laptop, and other mobile devices. Follow these tips to safeguard both your own and the university’s data. Before you travel If you don’t need it, don’t travel with it. Plan which Duo options you will use and enroll… Read More »

Reminder: Secure your devices if you use them for U-M work

If you use your personal devices—smartphone, laptop, tablet, and so on—for work, you are responsible for appropriately managing and securing them, as well as for meeting the obligations described in Security of Personally Owned Devices that Access or Maintain Sensitive Institutional Data (SPG 601.33). Your unit may have additional restrictions beyond those found in the SPG. Check with… Read More »