Work on IT security is advancing at a rapid pace. We thank all the units for their collaboration and assistance in making the rollout smooth. We’re providing an update on the security initiatives so that you see the big picture and know what is planned.
Later this fall, a new initiative will be underway to offer an improved service that is more efficient for password management:
- Self-Serve Password Reset (SSPR)
- This initiative will provide users with a new self-service and password reset tool. Following industry best practices, it will allow users to self-enroll, without needing to contact the Service Desk. From there, they will be able to choose an easy and convenient way to regain access to their account should they forget their password: registration for a recovery email or user-provided security questions and answers – allowing the University community a quick and easy way to recover their uoAccess credentials.
Progress has been made on the other security initiatives mentioned earlier this year:
- Disk encryption
- We’ve completed 45% of the sectors, resulting in over 350 workstations encrypted.
- Services have been scheduled, working with faculties to onboard them between now and the first quarter of 2019.
- Aimed at non-teaching staff (especially staff using laptops) to protect data should the device be lost or stolen.
- Workstation security optimization
- 45% of the sectors are done, and this means over 1000 workstations have security that has been optimized.
- Established a software request process and built an approved list of software for installation.
- Services are scheduled, working with faculties to get this done by the end of first quarter of 2019.
- Aimed at non-teaching staff to reduce malware on machines.
- Multi-factor authentication (MFA)
- More pilot groups have been added; they’ve been using MFA during the summer and the feedback has been positive!
- Currently working on the campus-wide approach and rollout strategy.
- First applications requiring MFA to support staff will be VPN and the new Banner 9 ERP system by April 2019.
- Aimed at employees, to reduce multiple risks surrounding authentication and access to systems and applications.
- Privileged access management (PAM)
- The pilot project was expanded to include additional small groups in Information Technology, faculties and services.
- Deployment to others in Information Technology, faculties and services will occur between now and first quarter of 2019.
- PAM and MFA together! We have turned on MFA for pilot users using the PAM system.
- Aimed at select staff in Information Technology, faculties and services who administer servers.
- Malware protection for University computers
- As a first level of security, the Sophos software protects your computer against viruses and other malware. Periodically, we need to implement a major software upgrade to benefit from added features.
- Since April, we’ve upgraded Sophos on 5500+ computers, 90% of our goal. We are working to have the majority done by the end of September.
- Consolidating the login pages for major web applications
- In mid-July, we improved the user experience and made things simpler by implementing one look and feel for login pages of approximately 25 applications, including uoZone, VirtuO, BrightSpace, and Gmail.
A lot of effort is going into tightening IT security at the University. Looking ahead at October, we will be joining the international community in highlighting it as cyber security awareness month. Information about important security threats and tools will be provided to help the University community assist in doing their part; after all, security is everybody’s business.