You are here:

Information Security Office (ISO)

The Information Security Office (ISO) continuously strives for daily operational excellence to ensure the confidentiality, availability, and integrity of University of Utah information technology systems and data through exploitation of appropriate security resources and best practices.

Helpful Links

Enroll in 2FA

ISO Quick Links

Noteworthy News

Tips to Staying Secure Online All Year Long 

Cybersecurity Month

UConnect vs. UGuest

Students, faculty, and staff: UConnect is our secure, wireless network. UGuest is not.

First time connecting to UConnect? Follow these instructions.

Secure those passwords! 

Familiarize yourself with the University of Utah's password requirements and guidelines.

Beware of phishing

2017-06-14: Take action: Critical Patches Issued for Microsoft Products

A high-risk security vulnerability is currently being exploited in the wild. The vendor released patches for this vulnerability and University of UT IT administrators are asked to patch as soon as possible.

If you have any questions, please contact your designated help desk or one of the central help desks: UIT Help Desk: 801-581-4000 option 1;  University Hospital/Health Service Desk: 801-587-6000.

Dr. Randy Arvay named CISO

The University of Utah has hired Randall (Randy) J. Arvay as the new chief information security officer, effective May 22, 2017. Arvay comes to us from The University of Mississippi Medical Center, where serves as CISO.

Randy Arvay, CISO


Information Security Policy 4-004

Information Security Policy 4-004, including its accompanying rules has been fully enforceable since April of 2016. If you have questions or concerns, please contact



Security Advisories

2017/07/07: Multiple Vulnerabilities in Google Android OS and PHP

2017/06/28Threat Intel Committee advisory on Petya

2017/06/15: ASPR/CIP HPH Cyber Notice: Hidden Cobra and Microsoft Updates

MS-ISAC Advisories can be found HERE.

US-CERT Alert (TA17-075A)
2017/03/16: HTTPS Interception Weakens TLS Security

Systems Affected: All systems behind a hypertext transfer protocol secure (HTTPS) interception product are potentially affected.

US-CERT Alerts can be found HERE.

Last Updated: 7/10/17