UM’s info security policy is your guide to securing our data

Find out how to stay safe this Cyber Security Awareness Month

October 12, 2021 —

With cyber threats and breaches increasing exponentially over the last few years, it is essential we all do our part to keep our data safe and protected.

To better protect the information used and shared by the university community, the information security policy, procedure and standards were developed and approved by the UM Board of Governors on Feb. 3, 2020.

“Higher education institutions manage vast amounts of sensitive data involving finance, research, health and more, which makes them prime targets for hacking and malicious breaches of security,” says Patrick McCarthy, director, IST information Security and Compliance.

“With cyber threats and breaches increasing exponentially over the last few years and the requirement to have robust security controls in place to obtain cyber insurance, it is essential we all do our part to keep our data safe and protected.”

The policy, procedure and standards apply to everyone in the university, including visitors, because, as McCarthy notes, we all have a responsibility to keep our data safe and protected.

WHAT DO I NEED TO DO?

Read the policy, procedure and associated standards.

Some standards like the Password Standard apply to everyone, while others like the Workstation Patch Management Standard apply to anyone responsible for managing, updating or maintaining computer systems.

Review these additional tips for online safety.

WHERE DO I GET MORE INFORMATION?

The purpose of the Information Security Policy is to:

ensure the protection of all information and information systems;
mitigate risks associated with theft, loss, misuse, damage or abuse of information systems;
ensure staff, students, faculty and researchers are aware of and comply with provincial and federal legislation;
minimize the university’s exposure to cyberattacks;
ensure that information users understand their responsibilities; and
protect the university from liability.

If you have any questions, concerns or would like more information about your responsibilities, email the Information Security and Compliance team directly at infosec [at] umanitoba [dot] ca.

Thank you for your continued help in ensuring the confidentiality, integrity and availability of the university’s data.

Remember: Information Security Starts with You!

IST Communications

cyber security, Information Security

VP Evolution Project enables Entra MFA for VIP/ESS access on April 3

The VIP Evolution project is a multi-year project, with dedicated resources from Information Services and Technology (IST), Human Resources and Payroll, led by a project board of leaders from across the UM community. The project’s focus is leveraging VIP functionality, reducing risk, and improving the user and employee experience.

Recognizing and combating fraud this tax season

Tax season is a heady time for fraudsters who hope to take advantage of seasonal anxiety to scam Canadians out of their money. Of course, tax season isn't the only time scammers have their way. Two common types of fraud that often threaten organizations are phishing and business email compromise (BEC) scams. These frauds are meticulously designed to appear credible, often leaving individuals and businesses vulnerable to significant losses.