Don’t let Duo two-factor become a distraction when you travel. Review your options before you leave to make sure you’re prepared. While your regular Duo option may work, you could choose to use an alternative method that better suits your travel plans. Duo offers multiple options that are suited for different circumstances. The recommended travel option is the… Read More »
Microsoft will end support for Windows Server 2008 and 2008 R2 on January 14, 2020 That means it will no longer provide security updates or support. Don’t let your infrastructure and applications go unprotected. Begin planning now to upgrade as needed. This applies to physical servers that you manage as well as virtual servers. MiServer users are asked… Read More »
You can reduce the number of times you have to use Duo two-factor authentication when logging in at U-M Weblogin by checking the Remember me for 7 days box. With this feature, you will not be prompted for a two-factor authentication method at Weblogin over the next seven days, as long as you use the same computer and… Read More »
Sol Bermann, executive director of information assurance and chief information security officer (CISO) for U-M, was recently interviewed by “EDUCAUSE Review” about the growing need for privacy management, the policies and laws in place to protect our privacy, and how big data has changed the game. In a wide-ranging interview, Bermann discusses: The difference between a chief privacy… Read More »
Sol Bermann, J.D. was named executive director of Information Assurance and chief information security officer (CISO) for the University of Michigan in June 2019. He served as U-M’s interim chief information security officer during the 2014/15 and 2017/19 academic years. Since joining the university in 2011, Bermann has served as the university’s interim CISO, university privacy officer, and… Read More »
Technology changes at an ever-increasing rate, almost always outstripping policy, privacy, security, and legal considerations. ITS Information Assurance (IA) collaborates with faculty, researchers, students, and external industry experts to create a forum, Dissonance, for public discourse on the tensions surrounding technology, policy, privacy, security, and law.
ITS began implementing components of a greatly enhanced network security threat detection and mitigation system in late June. This approach combines cutting edge technologies, open source tools, and U-M’s MITN threat intelligence framework to provide a security solution that scales across U-M networks. It will allow ITS to: Detect and mitigate network threats across more U-M networks. Extend… Read More »
Atul Prakash, an electrical engineering and computer science professor, is part of a research team studying the process GitHub has in place for disclosing security issues. The team’s research culminated in a list of recommendations to help GitHub develop a standardized method to report security vulnerabilities.
Have external collaborators, granting agencies, or vendor partners ever asked you for information about the university’s IT security posture? ITS Information Assurance has pulled together an overview of how we secure U-M into one document to help you answer those questions: U-M IT Security Posture (U-M login required)Note: IT security and compliance is a shared responsibility. This document… Read More »
Your profile Your MCommunity profile shows only information related to your U-M affiliation. For U-M staff members, publicly viewable information includes: name, uniqname, email address, U-M affiliation, title, and U-M work phone number and address. You can choose privacy settings for additional information about yourself, such as your notice or description. You can choose whether the additional information… Read More »
You put U-M systems and data at risk if you use your UMICH (Level-1) password for non-university services. If you use your UMICH email address and password to establish a personal account (for example, at LinkedIn), and that information is exposed in a data breach, your UMICH account is now at risk. If you have used your UMICH… Read More »
Co-founded by U-M alums Dug Song and Jon Oberheide, Ann Arbor-based Duo Security sold late last year for $2.35 billion. As one of fewer than 150 privately held companies in the U.S. worth more than $1 billion (known as “unicorns”), Duo became incredibly successful in part by adhering to values besides the bottom line, such as inclusion and community. … Read More »
A new computer processor architecture developed at U-M could usher in a future where computers proactively defend against threats, rendering the current electronic security model of bugs and patches obsolete. Called MORPHEUS, the chip blocks potential attacks by encrypting and randomly reshuffling key bits of its own code and data 20 times per second—infinitely faster than a human… Read More »
No matter what your job at U-M, you have a role to play in implementing the new information security standards and the revised Information Security (SPG 601.27) policy. Your responsibilities could include: Participating in data protection training Reporting suspected or actual IT security incidents Learning and using secure coding best practices Configuring systems to meet minimum security requirements… Read More »
UM-Dearborn ITS has kicked off a new initiative to encrypt users’ endpoint devices (laptop and desktop computers). This effort dramatically improves the way UM-Dearborn secures its endpoints, and the data and services they touch. In addition, it helps bring campus in line with U-M IT security policies and standards. The effort initially rolled out to two departments that… Read More »