Security

How to use the CIS-CAT tool to help secure U-M systems, databases, and applications, and how to report the results to Information Assurance.
Active@ KillDisk is software that can completely and securely destroy all data on hard drives, removable disks, and flash media devices, without the possibility of future recovery. U-M has a license for its use by faculty, staff, and departments for U-M owned computers on all U-M campuses, including Michigan Medicine. This document provides instructions for downloading, installing, registering, and using the U-M licensed copy of Active@ KillDisk. A freeware version of Activ@ KillDisk is available for use on personally owned devices.
If you are permitted to access or maintain sensitive institutional data using a server that you manage, please meet the minimum expectations below. Note that while these instructions generally apply to most Unix/Linux systems, the specific instructions shown are current for Red Hat Enterprise Linux 7. You can use the command-line text editor of your choice; examples using 'nano' are shown below.
If you have received a Sensitive Data Discovery report indicating that potentially sensitive data has been found on your workstation or an IT system you are responsible for, you need to take appropriate action as outlined in this document.
Users of the ITS Web Application Hosting service may find the following tips useful in order to prevent their web applications and data from being compromised by an attacker. As your application or site is hosted on a shared server and uses a networked filesystem (AFS), a compromise of your site could also negatively affect others on campus.
MitiGate is an online gateway to unit IT security risk data for Security Unit Liaisons (SULs), unit IT leaders, and unit leadership. It provides a window into IT security risk data pulled from multiple systems in one place.