The Protect IU Blog

  • Mobile Device Security Shakedown PT.1 iPhone

    The Apple iPhone is, arguably, the most popular and recognizable icon of the smartphone industry. If you’ve never owned one, chances are you have seen one or dreamt of the care-free life depicted in every iPhone commercial. While smartphones have brought to our fingertips the vast knowledge contained in the Universe and video of your buddy’s newest kittens in costumes, these devices are also a repository for some of our most valuable information.

    Read the rest

  • IU Police Department Indianapolis offers traffic safety tips

    With the addition of new student housing and cafeterias at Indiana University-Purdue University Indianapolis as well as academic classrooms, all of which are located in the Tower and Hine Hall, pedestrian traffic is expected to be much heavier than in previous years. Drivers, bicyclists and pedestrians all play a part in traffic safety. Below are a few tips to keep everyone safe as they navigate their way through campus.
    Drivers need to:
    •    Slow down and obey the posted speed limit.

    Read the rest

    Learn more about protecting:
  • So, here is more emphasis: throw a Lifeline!

    Keeping our students safe is one of the Indiana University’s most important priorities.

    But building a protected community starts at the peer level, student-to-student. All too often, students are reluctant to make the call for help when they or their friends have been consuming alcohol illegally or to excess and someone gets in distress.

    Read the rest

    Learn more about protecting:
  • Can't overemphasize this!

    If someone needs medical assistance and you are in a position to help them, you have a duty to do so.
    The Lifeline Law is there to provide immunity for some alcohol-related offenses, subject to certain conditions, to people who request medical assistance for someone in need or receive medical assistance due to a request by someone else.

    About the Lifeline Law:

    Read the rest

    Learn more about protecting:
  • IU Police Academy graduates 38 new cadet officers

    Indiana University campuses around the state will add new cadet officers to their IU Police Department ranks after the IU Police Academy presented badges to 38 members of its 42nd class. Graduation ceremonies took place Aug. 10 in the Indiana Memorial Union's Alumni Hall in Bloomington.

    The graduating cadet officers were selected from nearly 100 applicants and represent six IU campuses, the most in the academy's history. The new grads will join IU Police Departments on their home campuses this fall.

    Read the rest

    Learn more about protecting:
  • Policy IT-28 Cyber Risk Mitigation

    Updated: August 12, 2013

    IU policy was approved (on May 17, 2013) and now has a new name: Cyber Risk Mitigation Responsibilities (IT-28).

    The approved policy language represents significant evolution based on feedback from the university community. We invite you to review the final version.

    Original post: March 13, 2013:

    Policy Draft IT-28 Provisioning of IT Services

    The University Information Policy Office recently posted and distributed a new policy draft for review, Policy IT-28 Provisioning of Information Technology Services.

    Policy IT-28 was drafted and developed with input from key stakeholders, paying particular attention to the Board of Trustees' concerns related to information and information technology risk — which have been continually highlighted by internal audits and repeated security incidents.

    IT-28 seeks to reduce the university’s exposure to threats and create economic efficiencies by leveraging common IT infrastructure and services to the greatest extent practicable (thereby freeing up resources for unit-specific needs).

    VP for IT and Chief Information Officer Brad Wheeler spoke at a town hall meeting on March 8th on the subject of: “Mitigating Cyber Risks”, which covered the current risk environment, and the development of IT-28.

    Read the rest

  • Product Claims as Compliance Panacea

    IT security and compliance professionals are often asked about products and compliance to industry standards such as HIPAA or PCI-DSS. The vendor of product which someone wants to purchase may state that the product is compliant with a specific industry security standard. As a result, a system administrator or end user may then assume that they no longer need to worry about compliance, presuming that the product has bestowed upon them automatic compliance by virtue of simply using the product. How oh so convenient that would be if only it were true, which it is not.

    Read the rest

  • Apache Struts2 Vulnerability

    A vulnerability in Apache Struts2 is being exploited by attackers as a means to compromise web servers. From the bulletin:

    Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.

    If you are developing web applications in Struts, be advised that you should take action to address the vulnerability.

    Read the rest

    Learn more about protecting:
  • United Front II

    Hot fun in the summertime – oh, yes! Temperatures reached about 95 degrees Wednesday in Bloomington and the humidity was high. So was the possibility that evening of severe thunderstorms with potentially damaging straight line winds. It all combined for a potentially nasty second day of United Front II search and rescue exercises, particularly when the players are wearing fatigues, heavy boots, hard hats, vests and protective respirator masks.
    The collapsed Phi Kappa Psi on North Jordan.

    Read the rest

    Learn more about protecting: