Information for the IT Security Community
IT Security Community
IIA coordinates the university-wide effort to appropriately protect IT resources and to enable secure education, research, and health care operations under the U-M IT Security Program.
Each unit, school or college has a lead point of contact, the Security Unit Liaison (SUL) who coordinates the unit's IT security activities.
Resources for IT Staff
U-M IT Security Program
Describes U-M efforts to appropriately protect IT resources.
Disaster Recovery/Business Continuity Planning
Templates for and information about IT disaster recovery planning at U-M.
Hardening guidelines for servers and databases that access or maintain sensitive institutional data.
Information Especially for Campus IT Staff
Information from ITS for those administering, managing, or supporting U-M IT services; includes a section with multiple security and anti-virus links.
Information Technology Policies at the University of Michigan
Includes information about policy oversight and approval, as well as IT policy development, and links to general and student IT policies.
IIA Alerts, Advisories, and Notices
IIA informs members of the U-M IT community about IT security vulnerabilities and issues through the use of IIA alerts, advisories, and notices
Network Printing Best Practices. Printers placed on public IP space can experience a number of problems. The most common complaints are the device printing spam or gibberish on large amounts of paper. Protect your printers from these and other attacks by following these printing best practices.
Risk Analysis (RECON)
RECON (Risk Evaluation of Computers and Open Networks) is a risk assessment methodology used to assess threats and vulnerabilities to U-M systems and applications that are either mission critical and/or store sensitive data.
Third-Party Vendor Security and Compliance Assessment
A questionnaire and guidance for reviewing the security and compliance of external service providers that access, maintain, or process sensitive institutional data.
Network scans to identify known, detectable vulnerabilities.