Technology is the infrastructure of society. Whether it's writing better code or designing a more secure network, the need to safeguard our valuable information technology resources has never been higher.

Site Pages

ERM at Indiana University
Today's smart phones aren't just fancy phones -- they're small, complex computers that must be secured appropriately.
Samples, checklists, and templates for documenting IT compliance, provided by UITS IT Professional Services & Support.
The U.S. Customs and Border Protection (CBP)can inspect, and confiscate, electronic devices such as laptops, cell phones, PDAs, and storage devices.
This material is meant as a guide for department administrators and technicians working to minimize the chance of an IT security breach on Indiana University computer systems, telecommunications, or other information technology systems.
It's important to know what options are available to get your file from point A to point B and to understand whether the method you choose provides adequate security given the sensitivity of the data being transferred.
Security and Privacy Principles are intended to provide high-level guidance for Indiana University's Security and Privacy Program.
An Information Security Program is a "methodical, programmatic approach to implementing and managing security within an organization.
Protect.iu.edu is your source for everything security-related at Indiana University.
The UIPO Incident Response team sends dozens of email notifications to the University community to alert people to computer and account compromises and malicious activities.

Recent Security Bulletins

  • This bulletin details four recently published, critical rated, vulnerabillies in Adobe ColdFusion and ways to mitigate the risk of them being exploited including the hotfix for supported versions.
  • As the use of Java applets on websites continues to diminish and in light of the rash of recent vulnerability exploits, the implications of installing Java for use in web browsers should be considered carefully.
  • On January 10, 2013, security researchers reported a zeroday vulnerability in Oracle Java 1.7u10.
  • On November 5th, 2012, the United States Computer Emergency Readiness Team (US-CERT) website announced their researcher had discovered a vulnerability in the way some versions of Symantec Endpoint Protections handle CAB files. This vulnerability may allow an unauthenticated remote or local attacker to execute arbitrary code with SYSTEM privileges on a targeted computer.
    • Read the PSIA Blog
    • IU Notify
    • Crime Prevention Tips from IUPD
    • Request Assistance from Environmental Health and Safety
    • Secure Your Computer