Posts

Rule 4-004D focuses on user access, which must be strictly controlled to ensure the safety of the university’s IT systems, resources, and data.

The University of Utah’s Data Classification and Encryption Rule (4-004C), which supports Information Security Policy (4-004), outlines how to protect the U’s data through classification, encryption, and retention.

Rule 4-004B outlines how the university will secure IT systems that interact with university data and provides guidance on how to assess, prepare for, and handle information security risks.

You are not powerless against online threats and attacks. In fact, a few simple actions can make a big difference toward securing your data and devices. For Cybersecurity Awareness Month, the Information Security Office will share some resources to get you started.

The U will upgrade the Cisco Secure Email Encryption Service to make it easier to access encrypted emails. Email recipients will no longer need to create a CSEES account to access encrypted emails and attachments.

Acceptable Use Rule (4-004A) defines acceptable, unacceptable, and legitimate uses of the university’s technology.

On August 8, 2022, UIT will deploy KnowBe4’s Phish Alert Button to all UMail accounts at the University of Utah and University of Utah Health. The button enables users to more easily report phishing messages and other suspicious emails.

Policy 4-004 outlines all the university’s IT security rules, which help protect the university, its IT systems and resources, and data. It also ensures compliance with local, national, and international laws, industry regulations, and business agreements.

The U’s Information Security Office (ISO) recently launched the Phish Tank, an awareness and educational website with information on phishing tactics and common red flags. Examples of known phishing attacks are coming soon.

Personally identifiable information (PII) should not be handled via email because it is an inherently insecure mechanism to transmit and receive restricted and sensitive data.