New Security Web Site

security

Whether you’re worried about email scams, trying to choose a good password, or deciding if an internet service will keep your data safe, OIT’s new Security web site has advice and answers.

Newly organized around communities with various needs, you can find information collected for your University role (faculty), the information you work with (student records), a question you have (encryption), or services you need (security certificates), you can now find help quickly and easily.

OIT’s IT Security team watches for the latest threats and solutions, follows changes in law and policy, and is ready to advise UCI affiliates in balancing business efficiency, risk mitigation, and privacy protection.  And if you need help you can’t find on the web site, feel free to email security@uci.edu

OIT Does That?

OIT is a diverse organization, responsible for many campus services.  This is the first in a series of articles highlighting OIT activities you may not be aware of.

OIT Operators

Campus Operator

When anyone “calls UCI,” they reach the campus operator, who cheerfully answers questions, gives directions, or figures out the person or department the caller needs.

Led by Gayle Bonham, the operator staff includes a group of bright and friendly students ensuring callers to UCI have a good impression of the campus.

Gayle has worked for UCI for 25 years, starting as a temp, then working for the Medical Center before coming to OIT.  Her favorite part of the job is getting to know people all around the campus.  She says, “I enjoy helping people and putting a smile on their face.”

If you need help reaching someone at UCI by phone, call 824-5011, and Gayle or her “angels” will direct you to the right place.

In Brief December 2015

latest news

  • OIT encourages all faculty and staff to log into UCLC and take the UC Cyber Security Awareness Training ecourse.
  • An improved user interface for Webfiles will be introduced during Winter quarter.  Users are invited to log in to the test server, create an account, and test-drive the new version.
  • Users of UCI’s O365 email service should be watching their clutter folder, a new feature intended to reduce junk email.  If this feature is not helpful, you can turn it off in Outlook or OWA under Settings / Mail / Automatic processing.

Your Password is like a Toothbrush

password
Treat your password like your toothbrush: choose a good one, change it regularly, and don’t share it.

Your UCInetID is your gateway to online services at UCI.  Like a skeleton key, it serves as your single credential for most network services on campus.  Use of a UCInetID and password by anyone other than the owner can result in exploitation of UCI resources, loss of personal and university information, and other potentially severe consequences.

You are responsible for anything done with your UCInetID.  Keep your UCInetID password to yourself.  Don’t share it, don’t keep it in a computer file, and don’t write it down.

IT security is a responsibility we all share.  Many cyber-security breaches begin with an innocent but incautious act.  Let’s all keep UCI safe.

Annual UCInetID Password Change Policy

password

In response to escalating threats to information security, the Office of Information Technology is working on multiple fronts to strengthen protections. One of the steps we will be taking is to require that UCInetID passwords be changed annually.

Your UCInetID is your key to UCI online services. Use of a UCInetID and password by anyone other than you can result in exploitation of UCI resources, loss of personal and university information, and other potentially negative consequences.

There is a plethora of “malware” on the Internet: on web sites, downloaded via email, and on potentially infected public computers. This software often quietly collects passwords for later use by unscrupulous individuals. The longer you use a given password, the greater the chance it may be captured and misused. Changing it periodically helps you insulate yourself before a thief has an opportunity to use it.

Between January and June 2016, we will be incrementally rolling out a process to require changing UCInetID passwords older than one year. You will receive a series of email notifications starting one month before the change is required. Once that month has passed, a UCInetID whose password has not been changed will be deactivated. It will then need to be re-activated via an online process.

Although UCI Google and Office 365 passwords are not yet linked to UCInetID passwords, we recommend that you change all of these annually as well.

We appreciate your support of this new policy and other security initiatives. Given the imperfect protection that passwords provide, we are also working to implement expanded use of “multifactor authentication”. This involves exchanging a token with a smartphone or other device in addition to entering a password when accessing sensitive campus resources.

For additional information on the new password policy, including advice on choosing a good password, please see www.oit.uci.edu/ucinetid/password-policy/. If you have additional questions, please contact the OIT Help Desk (oit@uci.edu, 949-824-2222).