Security & Privacy

October 2, 2015

Cybersecurity Month Event Oct. 22: Demystifying Antivirus Software, RSVP by Oct. 15

antivirus shield

Interested in how antivirus works? Hear the latest, including tactics criminals are using, malware-detection mechanisms, research behind antivirus software, and what you can do to better protect your digital assets when SophosLabs presents on Thursday, October 22, 2:30 p.m. to 4:30 p.m., in UW Tower 4th floor Auditorium. Open to anyone in the UW community at any level of technical knowledge. RVSP to by October 15 for this cybersecurity month event, provided by the UW Office of the Chief Information Security Officer.

August 6, 2015

New Amazon Web Services Offering for UW Now Available

Amazon Web Services logo

UW researchers and technical staff in need of easy-to-deploy, cost-effective computing and related services, including virtualized servers, cloud storage, databases and more, now can use UW-IT Amazon Web Services. This new cloud-based service offering provides appropriate security, privacy and compliance terms for use with UW sensitive and confidential data (protected by FERPA, FISMA, and later HIPAA). It also qualifies for the UW’s new Indirect Cost (F&A) Waiver, resulting in significantly better rates for use of cloud services by research grants, and offers a waiver for data egress fees.

June 2, 2015

Protect Your UW Email: Forward Phishing Spam Message as an Attachment

Phishing Scam warning

When you get an email that you think may be a spam/phishing message—such as one purporting to be from a bank asking you to “click a link” to validate your personal information—don’t. Instead, forward the message as an attachment (see instructions) to, which sends it to UW-IT and to the UW’s anti-virus vendor Sophos to improve their filtering capability. UW Medicine users can also cc Read more about what you can do to protect your UW Email.

May 28, 2015

Report Highlights Office of the CISO's Strategy for Protecting UW’s Information and Privacy

Report cover

What is the UW doing to safeguard its vast amounts of information and data? Read the 2014 Information Security and Privacy Report, which highlights an “assumption of breach” risk-management approach to safeguarding the University’s information assets. This methodology blends intelligence analysis, data visualizations, and user education to understand and mitigate threats to valuable UW data, and promotes a culture of information security and privacy. The Report is published by the Office of the Chief Information Security Officer (CISO), a division of UW-IT.

November 14, 2014

Get UW Computing Tips and More on YouTube

cartoon drawing

A new two-minute video with tips on safeguarding your personal data and UW institutional information is now available on the UW-IT YouTube Channel. View the closed-captioned Top 12 Smart Computing Tips, created by the UW Office of the Chief Information Security Officer, for an entertaining reminder of how to keep your data safe. Note also two other videos on tech workshops and services specifically for UW students.

September 10, 2014

Public Records Act: Helpful Tips for UW Faculty and Staff

file cabinet with words Public Records

Did you know that almost every communication is a public record? UW faculty and staff can learn more about how to handle a public records request and get a handful of other key tips on a new Public Records Act page in IT Connect. There is a link to the Washington State Public Records Act as well as to the UW Public Records and Open Meetings Office, plus other helpful information.

April 14, 2014

New Web Vulnerability: “Heartbleed”—What You Should Know

bleeding heart graphic

A major Web security vulnerability named “Heartbleed” was disclosed by security researchers last Monday afternoon. It affects a large portion of websites on the Internet that use OpenSSL to encrypt Web traffic (pages that start with https), and could enable remote attackers to steal sensitive information such as passwords from a vulnerable server’s memory.

At the UW, the Weblogin servers, which handle authentication of your UW NetID passwords before you can access online services, were patched less than 24 hours after disclosure and are no longer vulnerable. Other critical servers managed by UW-IT were similarly remediated.

At this time, UW-IT staff have found no evidence that NetID passwords were successfully captured by malicious attackers. However, this is a good time to review your password habits. Here’s what you can do:

  • Change your UW NetID password if you have been re-using it for other accounts. Your UW NetID password should be different from passwords you use elsewhere.
  • Do not click links in unexpected emails that ask you to reset you password or otherwise disclose personal information.

Details for the UW community about Heartbleed, including FAQs and resources, are available on the UW Office of the Chief Information Security Officer (CISO) website. Please contact if you have questions.

April 9, 2014

UW CISO 2013 Annual Report on Information Security and Privacy

UW Husky dog

The 2013 Information Security and Privacy Annual Report by the UW Office of the Chief Information Security Officer (CISO) is now available online. Read about CISO’s work to deliver information, tools and resources about securing personal and University data, computing devices, and information systems. Check out Dubs’ Dos and Don’ts of UW Data Privacy and find out how to detect phishing threats. ­You also are invited to enter a privacy-themed caption contest for the cartoon on the inside front cover by May 1.