You are here:

Information Security Office (ISO)

The Information Security Office (ISO) continuously strives for daily operational excellence to ensure the confidentiality, availability, and integrity of University of Utah information technology systems and data through exploitation of appropriate security resources and best practices.

Helpful Links


 Enroll in 2FA


ISO Quick Links


Tips to Staying Secure Online All Year Long 

Cybersecurity Month


Beware of phishing


 Noteworthy News

 Meet Your Colleagues: ISO Security Assurance

ISO Security Assurance

Guarding against thousands of cyber attacks each week keeps Colby Gray, Security Assurance manager in UIT's Information Security Office, and his dedicated team of security analysts busy.

Read the full Node 4 Article


 

Information Security Policy 4-004

Information Security Policy 4-004, including its accompanying rules has been fully enforceable since April of 2016. If you have questions or concerns, please contact ISO-GRC@utah.edu.


 

UConnect vs. UGuest

Students, faculty, and staff: UConnect is our secure, wireless network. UGuest is not. Always use UConnect when connecting to the network.

First time connecting to UConnect? Follow these instructions.

Secure those passwords! 

Is your password secure enough? Easy-to-guess, "weak" passwords are the main way malicious hackers gain access to system information. Keeping passwords safe and hard to guess is critical to ensure information is not compromised.

Familiarize yourself with the University of Utah's password requirements and guidelines.

SECURITY ADVISORIES

MS-ISAC ADVISORY NUMBER: 2017-028
DATE(S) ISSUED: 03/16/2017

SUBJECT: Multiple Vulnerabilities in Drupal Could Allow for Remote Code Execution

SYSTEM AFFECTED: Drupal Core versions prior to 8.2.7, except 7.54

More MS-ISAC Advisories can be found HERE.

US-CERT Alert (TA17-075A)
HTTPS Interception Weakens TLS Security

Original release date: March 16, 2017

Systems Affected: All systems behind a hypertext transfer protocol secure (HTTPS) interception product are potentially affected.

US-CERT Alerts can be found HERE.

Last Updated: 3/24/17