Search11 Results

The goal of the Information System/Data Flow Diagram is to capture the main components of an Information System, how data moves within the system, user-interaction points, and the Authorization Boundary. Think of this diagram as conceptual rather than technical, multiple systems can be abstracted together, and there's no need to detail every network connection. The Authorization Boundary describes the limits of the Information System which pieces are currently being assessed. Information Systems often depend on other Information Systems, but those other Information Systems will be assessed independently, and their risk factored into the current Information System.

The university requires a secure and reliable method of identifying members of its community for access to electronic data resources. This requires collecting and maintaining identifying attributes, ensuring that electronic identities match the appropriate persons, and mechanisms to authenticate and authorize use of those identities. College and department staff known as Primary Identity Coordinators and Identity Coordinators are responsible for creating and maintaining accurate contact and demographic information on individuals affiliated with the University of Florida. Identity Administrators have the similar ability as coordinators but may be in contact with more restricted information that is not disclosed or changed often. Departmental Security Administrator's (DSA) are responsible for granting and removing roles and permissions for access to administrative computer applications for people in their department, college or division.

The UFIT Information Security Office responds to requests for eDiscovery, or electronic discovery, services. eDiscovery refers to the process of identifying, collecting, and producing electronically stored information (ESI) in response to requests for information in legal cases, public records requests, or investigations.

You are the only one who can protect yourself against malicious Internet activity. Please educate yourself, at the link above, so your online experience is safe.

For issues regarding the use of the GatorLink Passwords, Access Request System, or any other questions regarding Identity Access Management, please contact the UF Computing Help Desk, (352)392-HELP(4357). For role requests or myUFL access issues, contact your Department Security Administrator. If you need assistance with your Identity Registry profile please contact your Identity Coordinator .

DSA Authorization Form (PDF). This form is used to designate a Department Security Administrator (DSA) for your area, or to initiate a security role change when your DSA transfers to another UF unit. This is is also the form to submit when your DSA no longer works for UF, or is no longer serving as the DSA for your unit. This form must be filled out and signed by the appropriate vice president, dean, director, or department chair. Approver Authorization Form (PDF). The individual you authorize as security role approver will have very important responsibilities. Using the Access Request System, approvers will review and act on requests made by Department Security Administrators (DSA) to grant or remove access to administrative computer applications for people in their department, college or division.

The UFIT Information Security Office responds to and investigates information security incidents related to misuse or abuse of university information and information technology resources. An information security incident is defined as an event, whether electronic, physical or social that adversely impacts the confidentiality, integrity or availability of University of Florida data or information systems; or a real or suspected action, inconsistent with University of Florida Privacy or Acceptable Use policies. Incident Management services are triggered by an event or request, such as a report of a compromised host, wide-spreading malicious code, software vulnerability, or an event that was identified by an intrusion detection or logging system. Alerts and Warnings involves disseminating information that describes an intruder attack, security vulnerability, intrusion alert, computer virus, or hoax, and providing any short-term recommended course of action for dealing with the resulting p

The following resources are available to network administrators that are registered in the UF Network Services database. Vulnerability Scan Database: Self-Serve Vulnerability Scanner, Enhanced Vulnerability Scanner, Security Tickets, Campus Security Scans, Blocked Hosts, Blocked Domains, Subnet Managers Search.

This page provides links to the university's information security policies currently in effect. Many policies have established standards to help you with policy compliance. Visit UFIT's Standards page to view these documents.

Millions of viruses are currently circulating the Internet via e-mails, malicious websites and instant messaging. New ones are being released every day and infecting unsuspecting users who open e-mails that they thought were from a friend or visiting a website that required them to install something that said it would protect them.

Whenever reporting a system compromise, defaced website, or some other incident, either to UF network support or another organization, please make sure to include the following information: Your name and contact info. Those you contact may need to ask you for more information. Any applicable time-stamped system log files. Detailed log files are essential for others to understand security problems and compromises.