University of Michigan | ITS | Safe Computing

Home Students Faculty & Staff IT Security Community

Report an IT Security Incident

About IIA

F.A.Q.

Home

Services

Attack Recognition and Mitigation

IIA offers network monitoring that can provide a department, unit, or research team with information about who is using the network, the applications being used, and when the network is used. This information is useful for detecting activity that indicates potential security and policy violations and for resolving these issues.

Educational Materials and Activities

IIA develops materials and activities to help educate the campus community on IT security topics. These materials include online how-to documentation for those who manage their own computer security and various events aimed at students, faculty and staff.

Incident Response

IIA has established an incident response team to provide the university with rapid identification, analysis, and response to an incident. Please report all incidents to the unit security coordinator designated by your school, college, or department or to your IT department. If you don't know where to report an incident, please contact security@umich.edu. For more information, see Report an IT Incident.

Managed Security Services

IIA offers Managed Security Services to units needing assistance with performing information security coordination and administration activities. Through this pilot program, one IIA Information Security Coordinator will work with the unit to provide consistent, reliable information security services, which are listed on Managed Security Services.

User Advocate

The User Advocate works within the University of Michigan community to ensure that U-M information technology policies and guidelines are followed. The User Advocate has the resources to enforce compliance through a variety of means, including temporary denial of service (removing access to university-sponsored e-mail and other services, including the Internet). Typical duties include:

Receiving and investigating reports of U-M technology and information policy violations as they pertain to U-M-provided resources.
Coordinate problem-solving with other campus units—including Student Affairs, Public Safety and Security (DPSS), and other U-M information technology service providers.
Providing IT policy interpretation and information to help students, faculty, and staff understand university and departmental policy, including the responsible use of shared resources.
Engaging in outreach activities, including general community education.
Contributing to campus-wide security and security education projects and initiatives.

Vulnerability Scanning and Security Analysis

IIA will work with U-M system administrators or with researchers who are managing their own computers and systems to discover security vulnerabilities in their networks. Depending on the need, IIA can perform network scanning upon request or on an automatic schedule. IIA will also provide units with assistance interpreting the scanning results.

Vulnerability scans performed by IIA will cover the SANS Top 20 Internet Security Vulnerabilities. That list was created by the National Infrastructure Protection Center (NIPC) and the SANS organization to catalog the most critical vulnerabilities, ten specific to Windows systems and ten specific to UNIX systems. Specifically, exposure to these vulnerabilities will be probed.