Role-Based Security Information
Find out about practices, policies, training, and other aspects of security relevant to your role(s) at UVa:
Security Awareness
The Security and Policy Office has three major areas of responsibility:
- Lead University Information Security Activities
- Formulate and Enforce Information Policy
- Represent UVa Concerning State and Federal Information Issues
Institutional Data Protection Standards
The University has developed official Institutional Data Protection Standards. These standards outline requirements for handling and protecting all the University's institutional data, whether the information is highly sensitive, moderately sensitive, or not sensitive. For a downloadable copy of the current version of the standards (Adobe PDF format) visit the Data Protection website.
Suspicious Email Alerts Website
Want to know if that weird email message you received is a scam or spam? A new Suspicious Email Alerts Page will help you check to see if what you've received is similar to other suspicious or fraudulent emails, phishing scams, or schemes to commit identity theft that are currently circulating at UVa. To make it even easier, subscribe to these security alerts and warnings via an RSS feed.
Remember, if you receive an email with text similar to these messages, DO NOT respond—delete it immediately! Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way. If you receive an email that appears “phishy” and are unsure if it's legitimate, and it is not listed, please report it to us; forward it to our email abuse team.
UVa's Initiative to Reduce Reliance on SSNs
The University is undertaking a comprehensive initiative to phase out systematically its use of Social Security numbers (SSNs), wherever possible. Approved SSN remediation plans must be implemented by July 2009. For more details, visit the SSN Initiative website.
Highly Sensitive Data Protection Policy
The University has issued a new highly sensitive data policy, strictly limiting the circumstances under which sensitive data may be stored on individual-use electronic devices and media, and mandating that strict security requirements be met when such storage is unavoidable. It is the responsibility of individuals to determine if they have highly sensitive data on their device(s) and media and, if so, to ensure compliance with this policy.
Community Security Baselines
What are the best and most secure configurations that system administrators can apply to a computer? Find detailed security configurations for Windows, Mac, Linux, and UNIX.