Resources

A collection of tools and services, training opportunities, and job aids to help you implement privacy and cybersecurity best practices.

Filter by
Showing 27 resources
  • Using GitHub Actions with the Campus Firewall

    This document provides the developer with resources to learn about what GitHub Actions and Runners are, how to set up the features, and how to use them effectively.

    Job Aid
  • Storing Secrets on Amazon Web Services (AWS)

    Correctly using AWS Secrets Manager helps fulfill an IT Professional’s responsibility to comply with Illinois Cybersecurity standards.

    Job Aid
  • Device Wiping and Disposal

    How to be security compliant for Electronic Data, Disk, SSD, or Other Storage Device Disposal.

    Job Aid
  • Cybersecurity Mobile Integration

    Mobile Integration Testing provides an automated means to check iterations of an application for flow-breaking changes.

    Job Aid
  • CIS Benchmarks and Assessor

    The Center for Internet Security has benchmarks for securing Linux, Windows, Cloud Providers, Mobile Devices, Networking Equipment, more. IT professionals create an account with your NetID.

    Job Aid
  • Zeek

    Tool that passively monitors the network at the border.

    Tools & Services
  • WorkSpace One

    Facilitates management of endpoints including Windows and MacOS.

    Tools & Services
  • University Box Health Data Folder (BHDF)

    University units can securely store Personal Health Data (PHI) and other types of data governed by HIPAA.

    Tools & Services
  • SSL Certificate Issuance

    This service manages SSL certificate requests and processes them through the university Certificate Authority vendor, Sectigo.

    Tools & Services
  • Qualys

    Vulnerability management tool used by the cybersecurity team and Qualys users to assess risk to systems and networks.

    Tools & Services
  • MECM

    Facilitates management of endpoints including Windows and MacOS.

    Tools & Services
  • Munki

    Facilitates management of endpoints including Windows and MacOS.

    Tools & Services
  • IP2Fire

    IT Pro tool used to identify the firewall group of an IP or network.

    Tools & Services
  • Duo Mobile Application

    Multi-factor authentication is simple with push notification or a one time passcode on the Duo Mobile App.

    A swipe and a tap and you’re in!

    Tapping and swiping is second nature now that smartphones are part of one’s wardrobe. (Wallet, keys, phone) Many of us have our phones in hand or within reach most of our waking lives.

    Why not use the power of your phone to make logging in to University of Illinois systems or applications faster and simpler? You can even use Duo Mobile with certain smartwatches and make it even easier. Follow the instructions here to install, set up, and start using the app when you authenticate.

    INSTALLING THE APP

    See Installing the Duo Mobile app to get set up.

    REGISTERING YOUR DEVICE

    Once the app is installed on your mobile device, you’ll want to be sure the device is registered with the university. https://identity.uillinois.edu

    ACTIVATING THE DEVICE

    Follow instructions for activating the device you wish to use.
    2FA, Activate Duo Mobile for Your Device (uillinois.edu)

    SETTING YOUR PREFERENCES

    Select how you’d like to receive notifications from Duo to approve them on your phone: Push Notification or One Time Passcodes are the fastest options for users. 2FA – Getting started with Duo (uillinois.edu)

    USING THE DUO APPLICATION

    Log in to the university application of your choosing with your NetID and password. You’ll see the following screen for any application that requires multi-factor authentication.

    Tools & Services
  • Mobile Device Security

    icon of a hand holding a mobile phone

    Power Up Mobile Cybersecurity

    Mobile devices help us connect, work, shop, and play—and to enable that, they hold a lot of personal information. Get tips to better protect your device and yourself.

    Training
  • Data Classification Flowchart

    If you’re not sure what kind of data you work with, check the flowchart. Data-Classification-Flowchart.pdf

    Job Aid
  • Third Party Risk Management

    As part of Third-Party Risk Management, GRC will review the privacy and security compliance posture of all contracts and purchases related to university data.

    Our aim is to serve as a “concierge” service to help you navigate the myriad of compliance requirements that might apply to your project.

    • If your project will result in a purchase that will store, collect, access, create, manage, process, or transmit university data, engage the GRC process at the beginning of the project to help avoid implementation delays.
    • To begin, fill out the Initial Risk Assessment (http://go.illinois.edu/vendorrisk) to provide information about your project.

    Vendor cooperation is by far the primary determining factor as to how long a review takes. You may be able to speed things up by taking an active role to ensure your vendor is responsive to the needs of the process.

    Tools & Services
  • Vulnerability Response

    Quick identification of at-risk systems or services with responsible notification to the owners of those services.

    Tools & Services
  • Firewall

    Monitors incoming and outgoing network traffic and decides whether to allow or block.

    Several firewall plans are provided to serve a variety of needs. The group model allows departments to benefit from the protection of the firewalls that are already in place at the entrance and exit of the campus network, while also allowing Technology Services to maintain a manageable and flexible rule set on the campus firewalls

    Tools & Services
  • CrowdStrike

    Designed to mitigate real-time cybersecurity threats and incidents, give visibility and security capability.

    Tools & Services
  • Best Practices with AWS Lambda

    AWS Lambda can help development teams associated with the University of Illinois to more easily comply with Illinois Cybersecurity standards.

    Job Aid
  • Example Development Standards

    A starting point to guide discussion of Cybersecurity development practices, and to help draft a document internal to a team.

    Job Aid
  • Logging Practices for Application Developers

    Properly logging security events helps comply with Illinois Cybersecurity standards.

    Job Aid
  • API Code Review Discussion Questions

    Cybersecurity code review will typically start with Open Web Application Security Project (OWASP) API Security Top Ten inspired questions.

    Job Aid
  • Cybersecurity Training

    Cybersecurity training helps raise awareness and build good cyber-safety habits. Login using your university credentials to access assigned and optional cybersecurity training.

    Training
  • Privacy Threshold Assessment

    Privacy Threshold Assessment
    Fill out this survey to begin a consultation with the Privacy Team.
    Tools & Services
  • Box High Risk Folders

    Box High Risk Data Folder (BHRDF) is capable of securely storing approved types of High Risk Data.

    Tools & Services