You are here:

Information Security Office (ISO)

The Information Security Office (ISO) continuously strives for daily operational excellence to ensure the confidentiality, availability, and integrity of University of Utah information technology systems and data through exploitation of appropriate security resources and best practices.

Helpful Links

Enroll in 2FA


ISO Quick Links


Noteworthy News


Tips to Staying Secure Online All Year Long 

Cybersecurity Month


UConnect vs. UGuest

Students, faculty, and staff: UConnect is our secure, wireless network. UGuest is not.

First time connecting to UConnect? Follow these instructions.


Secure those passwords! 

Familiarize yourself with the University of Utah's password requirements and guidelines.

Beware of phishing

2017-06-14: Take action: Critical Patches Issued for Microsoft Products

A high-risk security vulnerability is currently being exploited in the wild. The vendor released patches for this vulnerability and University of UT IT administrators are asked to patch as soon as possible. 

https://portal.msrc.microsoft.com/en-us/security-guidance

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/40969d56-1b2a-e711-80db-000d3a32fc99

https://technet.microsoft.com/en-us/library/security/4025685

https://support.microsoft.com/en-us/help/4025687/microsoft-security-advisory-4025685-guidance-for-older-platforms

If you have any questions, please contact your designated help desk or one of the central help desks: UIT Help Desk: 801-581-4000 option 1;  University Hospital/Health Service Desk: 801-587-6000.


Dr. Randy Arvay named CISO

The University of Utah has hired Randall (Randy) J. Arvay as the new chief information security officer, effective May 22, 2017. Arvay comes to us from The University of Mississippi Medical Center, where serves as CISO.

Randy Arvay, CISO


 

Information Security Policy 4-004

Information Security Policy 4-004, including its accompanying rules has been fully enforceable since April of 2016. If you have questions or concerns, please contact ISO-GRC@utah.edu.

 

 

Security Advisories

2017/07/07: Multiple Vulnerabilities in Google Android OS and PHP

2017/06/28Threat Intel Committee advisory on Petya

2017/06/15: ASPR/CIP HPH Cyber Notice: Hidden Cobra and Microsoft Updates

MS-ISAC Advisories can be found HERE.

US-CERT Alert (TA17-075A)
2017/03/16: HTTPS Interception Weakens TLS Security

Systems Affected: All systems behind a hypertext transfer protocol secure (HTTPS) interception product are potentially affected.

US-CERT Alerts can be found HERE.

Last Updated: 7/10/17