At the University of Michigan, we strive to keep our data and systems secure. In order to do so, ITS Information Assurance (IA) routinely monitors U-M systems and devices for vulnerabilities, sensitive data, suspicious processes and programs, and malicious connections.
What Cybersecurity Data We Collect
- User Login Information
Such as logged-in user name, login time, login location
- Session Information
Such as programs run and file names accessed by the endpoint protection software, network connection information
- Device Information
Such as device name and type, operating system, vulnerabilities found, installed applications, device security settings
- Data Identified as Sensitive
Last four digits of data that look like Social Security numbers (SSNs) and credit card numbers
How We Use Cybersecurity Data
The University of Michigan uses cybersecurity data to protect the security and integrity of U-M systems and resources. Cybersecurity data is used for:
- Sensitive Data Protection
When we check for possible SSNs and credit card numbers stored unnecessarily or in inappropriate places.
- IT Security Incident Detection and Response
When we identify suspicious processes and programs, as well as malicious internet connections.
- Approved U-M Investigations
When we support legal investigations and institutional efforts to protect the safety, property, or rights of the university, its community members and guests.
Collection, access to and use of cybersecurity data is governed by the U-M Standard Practice Guide, primarily Privacy and the Need to Monitor and Access Records (SPG 601.11), Information Security (601.27), and Information Security Incident Reporting (601.25). Additional IT policies and laws & regulations may apply.
How We Collect Cybersecurity Data
All cybersecurity data is collected electronically via automated processes in the following circumstances:
- All machines connected to the U-M network are scanned for vulnerabilities every other month. Units can also request monthly and on-demand vulnerability scanning, or create their own vulnerability scans.
- MiWorkspace computers and storage are checked for sensitive data twice a year. Non-MiWorkspace units can request their unit’s computers and network storage to be included in the Sensitive Data Discovery checks.
- Most UM-owned laptops, desktops, and servers have endpoint protection software installed on them.
How We Share Cybersecurity Data
The University of Michigan does not sell or rent cybersecurity data. We share it with:
- Service Providers
That enable U-M scanning processes, such as CrowdStrike and Tenable. We strive to require our service providers to keep your personal information secure and use it only for providing services on the university’s behalf.