We all have a role to play in protecting U-M's data and the systems that store and handle it. To support that role, we need to educate ourselves and others as outlined in Information Assurance Awareness, Training, and Education (DS-16).
- Faculty, staff, and students. Take advantage of the resources here on the Safe Computing website and elsewhere to help you learn to protect yourself and the university from cyber threats.
- U-M units. Require training as appropriate for users of your unit systems and services that store or process sensitive university data.
Resources to Share
- Be Aware of the most common IT security threats.
- Digital Signs—IT Security (U-M login required). Digital sign versions of IA security posters are available to the U-M community in a Box at U-M folder.
- Events related to cybersecurity and privacy sponsored by IA and others.
- IA Publications to keep you informed about IT security and privacy at U-M.
- IT Security Posters & Brochures. Post and distribute these to help educate your colleagues, friends, and others about key security issues.
- Michigan Medicine Information Assurance Educational Resources. Posters, videos, and other resources from Michigan Medicine to promote IT security and privacy.
- Protect Yourself by securing your devices, managing your passwords, and traveling safely with technology.
- Safe Computing section of Michigan IT News. Includes tip articles with recommendations for rotecting your devices, recognizing phishing, traveling with technology, and more.
Education and Awareness Videos
- Video: Securing U-M
Securing U-M's open, academic environment by balancing security, education, openness, privacy, academic freedom, and free thought and expression. - Video: Privacy - We Are Our Choices
Pervasive data collection can mean a loss in privacy. The choices we make can determine how much privacy we lose. - Video: Protect Yourself & the University from Spear Phishing
Phishing emails try to trick you into revealing your password and other private information. This puts you and U-M at risk. Don't be fooled. - Video: Report an IT Security Incident
What to watch for and how to report potential IT security incidents at U-M. - Video: Safe Computing When Traveling
Planning a big trip or a small excursion? - Video: Secure Your Devices: For You and the U
Smartphones, tablets, and laptops are great! Personal devices keep us connected and make us more productive.
U-M Cybersecurity Basic Training
- Look Before You Click. Beware of Phishing! (in My LINC) Learn about the practice of phishing, including spear phishing. Recognize clues that reveal phishing emails, inspect links in suspicious emails, identify what to do if you are not sure about an email, and take corrective steps if you take the bait.
- Don't Fall for Phish! Test your phish detection skills in this U-M online training. You will review email messages and decide which are phishing scams and which are legitimate messages. You'll also get to review the clues that indicate phishiness.
- Anti-Phishing Education: Simulated Phishing. IA provides consultation, reviews, and approvals for units interested in doing simulated phishing for educational purposes.
- Using Your Devices Securely with U-M Data. Learn how to set up your device and manage U-M data at home and abroad.
- Copyright Compliance Quiz. Test your knowledge of what you can and cannot share from your computer and mobile devices.
Data Protection Training
The online training courses below are available to any interested faculty member, staff member, or student at no charge. Some individuals may be required to take them based on the work they do at the university. To have any of these courses required of and assigned to those in your unit, contact info-assurance@umich.edu.
- DCE101 U-M Data Protection and Responsible Use (in My LINC). Recommended training for all members of the university community. This is the companion training that goes along with the attestation to the Institutional Data Access and Compliance Agreement that is required for access to some systems. Some systems require annual reattestation for access.
- Graduate Student Research Assistants (GSRAs) Protecting Data GSRAs can start here to understand their shared responsibility to protect sensitive data.
- ITSE101: HIPAA and Protected Health Information: What ITS Staff Need to Know (in My LINC). Required training for Information and Technology Services (ITS) staff and some others who may have access to systems containing HIPAA data.
- ITSE102: Payment Card Industry Security Standards and ITS (in My LINC). Required training for staff who may have access to systems containing PCI data.
- ITSE202: Advanced PCI Training (in My LINC). Required training for staff with access to systems containing PCI data.
- ITSE106: Securing Controlled Unclassified Information (in My LINC). Required for staff or researchers who work with CUI data or with the systems used to store CUI.
Specialized Cybersecurity Training
- Cybersecurity Training by Merit Professional Development. IA has purchased a limited number of seats in several Merit cybersecurity training courses throughout the 2019-20 academic year for interested U-M faculty and staff.
Applicable University Policies
You are responsible for complying with the policies and standards below. The requirements on this page help you meet that responsibility.