Go Directly to Page Content
Go Directly to Site Search
Go Directly to Site Navigation
ITS Safe Computing

IT Security Community

IIA coordinates the university-wide effort to appropriately protect IT resources and to enable secure education, research, and health care operations under the U-M IT Security Program.

Each unit, school or college has a lead point of contact, the Security Unit Liaison (SUL) who coordinates the unit's IT security activities.

Attention SULs: Implement SPG 601.33 by Dec. 31

Security Unit Liasons should be working with their unit leadership to implement Security of Personally Owned Devices that Access or Maintain Sensitive Institutional Data (SPG 601.33). IIA is providing implementation support and progress tracking. Implementation should be complete by December 31, 2014. Implementation resources for units and individual users are provided at University Data and Personally Owned Devices. Want to see how one unit implemented additional restrictions? See Sample Unit Standard (ITS).

Resources for IT Staff

  • U-M IT Security Program. Describes U-M efforts to appropriately protect IT resources.
  • Hardening Guides. Hardening guidelines for servers and databases that access or maintain sensitive institutional data.
  • Risk Analysis (RECON). RECON (Risk Evaluation of Computers on Open Networks) is a risk assessment methodology used to assess threats and vulnerabilities to U-M systems and applications that are either mission critical and/or store sensitive data.
  • U-M Security Provider Security-Compliance Questionnaire v.1 (UMSPSCQ). The UMSPSCQ is the U-M standard tool for reviewing the security and compliance posture of external service providers that access, maintain, or process sensitive institutional data.
  • Vulnerability Scanning. Network scans to identify known, detectable vulnerabilities.