Michigan Medicine recently achieved a significant goal of ensuring that 100 percent of all devices connecting to its internal network by wire are accounted for, categorized by device type, and secured with the necessary protocols required to protect two-way communication from cyberattacks. A program to enhance network security and identify all electronic equipment connecting to Michigan Medicine internal resources… Read More »
For nearly a year, Michigan Medicine has used AirWatch to provide the required encryption and information assurance necessary to safely access secure internal resources on smartphones, tablets, and laptops. The organization’s policy requires staff to enroll personally owned devices in AirWatch if they are used to access the internal wireless network or share sensitive healthcare information. Health Information Technology & Services… Read More »
The flight is booked, the reservations made. You’re about to embark on your research trip to another country, time zone, continent…maybe all of the above. Understandably, you’ve focused on the logistics, and now you’re focused on the research fun. But, if you want to ensure a crisis-free experience, there’s another travel plan you need to make: the IT… Read More »
If you use a wireless internet connection at home, secure your network so that only those you allow can access it. There are two basic steps to securing your home wireless connections: Update all your Internet-enabled devices with the latest operating systems, web browsers, and security software. This includes any mobile devices that access your wireless network, such as… Read More »
Security is everyone’s responsibility. If you use your personal devices—smartphone, laptop, tablet, and so on—for work, you are responsible for appropriately securing and managing them, as well as for meeting the obligations described in Security of Personally Owned Devices that Access or Maintain Sensitive Institutional Data (SPG 601.33). Your unit may have additional restrictions beyond those found in… Read More »
You can deploy Passwordstate in your unit under a U-M license that covers use by U-M faculty, staff, and students on all U-M campuses. Passwordstate allows teams of people to access and share sensitive password resources and is typically used for managing elevated and administrative passwords, as well as passwords for smaller proprietary systems, such as research databases.… Read More »
Rolling out what it’s calling a “street view for cyberspace,” Censys—a tech startup based on technology developed at the university—has launched a commercially available version of its internet-wide scanning tool. Based on technology developed in the lab of computer science and engineering professor J. Alex Halderman, Censys continuously scans the internet, analyzing every publicly visible server and device.… Read More »
Beware: Identity thieves can file fraudulent tax returns in your name and steal your tax refund. Last year, criminals filed false returns for people across the nation, including several U-M employees. Information Assurance (IA) offers the following tips to help you protect yourself from identity theft and tax fraud: Turn on two-factor authentication for Weblogin to add extra… Read More »
Before you get rid of any device you have used to work with, store, or access sensitive university data, you must make sure it is securely erased (sanitized). This keeps university data—and your personal information—from falling into the wrong hands. University-owned devices Sanitization and disposal of MiWorkspace devices is handled by MiWorkspace staff. Others who are responsible for… Read More »
Shortened URLs, such as those from bit.ly and goo.gl, make it easy to type in a web address quickly but hard to tell where your web browser will actually take you. Before clicking a shortened URL, check for the full URL. Most URL shorteners—including those used at U-M—include a preview feature. In addition, there are several URL checkers… Read More »
A new white paper by U-M researchers working with Mcity illustrates the breadth of the cybersecurity challenges that must be overcome before autonomous and connected vehicles can be widely adopted. While every new generation of auto tech brings new security risks, the vulnerabilities that come along with advanced mobility are both unprecedented and under-studied, the paper states. The… Read More »
There’s a new address for reporting phishing emails at U-M: ReportPhish@umich.edu. Previously, people were asked to report phishing to the IT User Advocate at abuse@umich.edu, Information Assurance (IA) is now asking that these reports go to ReportPhish@umich.edu instead. We’ll use the new address for the UM-Ann Arbor campus, but Michigan Medicine is going to hold off on rolling out… Read More »
LSA instructors who assign Canvas in-class exams now have a way to secure the testing environment with the LockDown Browser. Taking a Canvas exam in the LockDown Browser prevents users from copying, pasting, printing, accessing other applications, or visiting other websites during an online exam. Interested in learning more about how to give secure in-class exams in… Read More »
It takes the entire U-M community to help protect against cyber threats. That’s the message on posters sent to Security Unit Liaisons at the end of November. The 11 by 17-inch posters stress that IT security is a shared responsibility, and we all have a part to play. In particular, they urge people to secure and protect any… Read More »
Are you interested in providing anti-phishing education through self-phishing in your unit? If so, be aware that any U-M unit considering such an effort is expected to abide by self-phishing guidelines and norms from Information Assurance (IA). The guidelines are intended to contribute to the success of your anti-phishing efforts and to share IA expertise based in part… Read More »
UM-Dearborn’s College of Business will offer a new Information Systems Security minor beginning this winter as a response to the growing digitization of business data. The 15-credit minor may not have been essential to business five years ago, but it is today, said Information Systems Management Associate Professor Jun He. “Although businesses have always known there’s a security risk when going digital, having a… Read More »
The 13th annual Security at University of Michigan IT (SUMIT) was held on Thursday, October 19. More than 550 people attended SUMIT 2017 either in person at Rackham Auditorium or virtually via the live stream throughout the day. This number represents more than 170 universities, corporations, small businesses, and nonprofits from around the country. This year, the university’s… Read More »
With the holiday season just around the corner, you may be getting ready to do some online shopping. See Online Shopping Tips to Protect Your Personal Information on the Safe Computing website for tips to help you protect your personal information and devices when you shop online. The tips fall into three categories: Secure your environment Know who… Read More »
For the past thirteen years, Information Assurance (IA) has engaged UM-Ann Arbor students, including medical students, with a basic quiz designed to raise awareness of IT security issues. This year’s quiz resulted in the highest completion rate yet! From October 30 through November 3, 2017, a total of 7,864 students participated. This is 17 percent of those who… Read More »
A security-token necklace, ear buds, or eyeglasses developed at U-M could eliminate vulnerabilities in voice authentication—the practice of logging in to a device or service with your voice alone. “Increasingly, voice is being used as a security feature but it actually has huge holes in it,” said Kang Shin, professor of electrical engineering and computer science at U-M.… Read More »