Information security resources for IT staff
Set up your IT services and security measures as soon as you join U of T.
Essential security documents
Information security standards set the baseline for protecting information and digital assets at U of T. Everyone plays a role in understanding and applying these standards. They support security policies by specifying what needs to be done to protect our information and digital assets.
The Incident Response Plan provides guidance for managing incident response with the primary objective to contain and mitigate the risks and issues associated with computer security incidents.
Knowing the criticality of your data is the first step towards adequately protecting it. U of T’s data classification groups data into four levels based on its importance, sensitivity and potential for misuse.
Consider the availability of information systems, applications and equipment that handle data (including storage, processing and transmission).
These are controls for securing U of T information and digital assets based on risk. Everyone at U of T is expected to follow these controls to ensure our data and systems are adequately protected.
Programs
Information Security programs are designed to achieve specific strategic goals and objectives by delivering a suite of related projects, services and resources. These programs will evolve over time based on community feedback, threat landscape, business requirements and digital transformation initiatives at the University.
Annual risk self-assessment designed to help units identify security gaps and develop plans to address them.
This program focuses on securing endpoints (i.e., workstations, laptops, mobile devices, servers) and associated data against advanced security threats.
This program drives efforts to help the University community identify, assess and manage security risks to their data, systems and network.
Vulnerability Management Program (VMP)
This program focuses on effectively managing vulnerabilities within the environment through sustained processes, advanced technologies and secure practices.
Tools
Learn practical cyber security tips and best practices that will help you safeguard your personal and institutional data.
Bring your IT expertise to CIS WorkBench, where you can network and collaborate with cybersecurity professionals around the world. Register now to help draft configuration recommendations for the CIS Benchmarks, submit tickets and discuss best practices for securing a wide range of technologies.
We provide a tool for incident response training to help you prepare your staff for various information-security incidents. The Immersive Labs Crisis Sim platform is designed to enhance your team’s strategic decision-making skills in different types of security incidents.
UTORrecover is a professionally managed backup solution provided by Information Technology Services.
Security services
View and request Information Security services.
Consultation service to help units assess risks associated with projects and third-party vendors.
Service offering digital certificates to verify identity and establish secure network connections.
