Skip to content

Resources

A collection of tools and services, training opportunities, and job aids to help you implement privacy and cybersecurity best practices.
Filter by
Showing resources 1 - 25 of 27
  • API Code Review Discussion Questions

    Cybersecurity code review will typically start with Open Web Application Security Project (OWASP) API Security Top Ten inspired questions.

    Job Aid
  • Best Practices with AWS Lambda

    AWS Lambda can help development teams associated with the University of Illinois to more easily comply with Illinois Cybersecurity standards.

    Job Aid
  • Box High Risk Folders

    Box High Risk Data Folder (BHRDF) is capable of securely storing approved types of High Risk Data. 

    Tools & Services
  • CIS Benchmarks and Assessor

    The Center for Internet Security has benchmarks for securing Linux, Windows, Cloud Providers, Mobile Devices, Networking Equipment, more. IT professionals create an account with your NetID.

    Job Aid
  • CISDSC

    CISDSC is a DSC (desired state configuration) based PowerShell module for applying CIS benchmarks for Windows & Microsoft Edge. 

    Tools & Services
  • Code Review Discussion Questions

    Code review will start these Open Web Application Security Project (OWASP) Top Ten Web Application Security Risks inspired questions.  

    Job Aid
  • CrowdStrike

    Designed to mitigate real-time cybersecurity threats and incidents, give visibility and security capability.

    Tools & Services
  • Cybersecurity Mobile Integration Testing

    Mobile Integration Testing provides an automated means to check iterations of an application for flow-breaking changes. 

    Job Aid
  • Cybersecurity Training

    Cybersecurity training helps raise awareness and build good cyber-safety habits. Login using your university credentials to access assigned and optional cybersecurity training.  

    Training
  • Data Classification Flowchart

    Understand more about how to identify and handle different types of data.

    Job Aid
  • Device Wiping and Disposal

    How to be security compliant for Electronic Data, Disk, SSD, or Other Storage Device Disposal.

    Job Aid
  • Duo Mobile Application

    Multi-factor authentication is simple with push notification or a one time passcode on the Duo Mobile App

    Job Aid
  • Example Development Standards

    A starting point to guide discussion of Cybersecurity development practices, and to help draft a document internal to a team. 

    Job Aid
  • Firewall

    Monitors incoming and outgoing network traffic and decides whether to allow or block.

    Tools & Services
  • IP2Fire

    IT Pro tool used to identify the firewall group of an IP or network.

    Tools & Services
  • Logging Practices for Application Developers

    Properly logging security events helps comply with Illinois Cybersecurity standards.

    Job Aid
  • MECM

    Facilitates management of endpoints including Windows and MacOS.

    Tools & Services
  • Munki

    Facilitates management of endpoints including Windows and MacOS.

    Tools & Services
  • Qualys

    Vulnerability management tool used by the cybersecurity team and Qualys users to assess risk to systems and networks.

    Tools & Services
  • SSL Certificate Issuance

    This service manages SSL certificate requests and processes them through the university Certificate Authority vendor, Sectigo

    Tools & Services
  • Storing Secrets on Amazon Web Services (AWS)

    Correctly using AWS Secrets Manager helps fulfill an IT Professional's responsibility to comply with Illinois Cybersecurity standards.

    Job Aid
  • Third-Party Risk Management

    As part of Third-Party Risk Management, GRC will review the privacy and security compliance posture of all contracts and purchases related to university data. 

    Tools & Services
  • University Box Health Data Folder (BHDF)

    University units can securely store Personal Health Data (PHI) and other types of data governed by HIPAA.

    Tools & Services
  • Using GitHub Actions with the Campus Firewall

    This document provides the developer with resources to learn about what GitHub Actions and Runners are, how to set up the features, and how to use them effectively. 

    Job Aid
  • Vulnerability Response

    Quick identification of at-risk systems or services with responsible notification to the owners of those services.

    Tools & Services