Information security resources for IT staff
Set up your IT services and security measures as soon as you join U of T.
Essential security documents
Information security standards set the baseline for protecting information and digital assets at U of T. Everyone plays a role in understanding and applying these standards. They support security policies by specifying what needs to be done to protect our information and digital assets.
The Incident Response Plan provides guidance for managing incident response with the primary objective to contain and mitigate the risks and issues associated with computer security incidents.
Knowing the criticality of your data is the first step towards adequately protecting it. U of T’s data classification groups data into four levels based on its importance, sensitivity and potential for misuse.
Consider the availability of information systems, applications and equipment that handle data (including storage, processing and transmission).
These are controls for securing U of T information and digital assets based on risk. Everyone at U of T is expected to follow these controls to ensure our data and systems are adequately protected.
Programs
Information Security programs are designed to achieve specific strategic goals and objectives by delivering a suite of related projects, services and resources. These programs will evolve over time based on community feedback, threat landscape, business requirements and digital transformation initiatives at the University.
Vulnerability Management Program (VMP)
This program focuses on effectively managing vulnerabilities within the environment through sustained processes, advanced technologies and secure practices.
This program focuses on securing endpoints (i.e., workstations, laptops, mobile devices, servers) and associated data against advanced security threats.
This program drives efforts to help the University community identify, assess and manage security risks to their data, systems and network.
Tools
Learn practical cyber security tips and best practices that will help you safeguard your personal and institutional data.
Bring your IT expertise to CIS WorkBench, where you can network and collaborate with cybersecurity professionals around the world. Register now to help draft configuration recommendations for the CIS Benchmarks, submit tickets and discuss best practices for securing a wide range of technologies.
We provide a tool for incident response training to help you prepare your staff for various information-security incidents. The Immersive Labs Crisis Sim platform is designed to enhance your team’s strategic decision-making skills in different types of security incidents.
UTORrecover is a professionally managed backup solution provided by Information Technology Services.
Security services
View and request Information Security services.
Transport Layer Security (TLS) certificates, formerly known as Secure Sockets Layer (SSL) certificates, are digital certificates that keep your internet connection safe by encrypting the data between your web browser, the website and its server.
