Keeping Information Security Simple – InfoSec Requires Advanced Preparation

Open Letter

Letter from the CISO, Vol 2 Issue 12 Washington University Community: Are cyber threats like pop quizzes? I was recently asked, “How are cyber threats like pop quizzes?” I’ve realized this is an interesting question, but not in the way I originally thought. Initially, I thought of reasons they were similar. They are unexpected, test […]

Chance to Win $100 in Our Monthly Challenge

Trophy with five stars

The OIS is always looking for ways to improve your security and reward your participation in our efforts. This month, we want to point you toward a few resources to help you protect yourself from cybercrime and understand how our office can support you. Guidance for Reporting Phishing Have you seen the Phish Alert Button? […]

SECURED is Getting a New Look

SECURED newsletter design in the new template

Starting with our June edition, SECURED will have a new look. Information Security is a big part of the future of IT at WashU, so we are aligning our published content with the rest of the great information and news coming from WashU IT. You can learn more about WashU IT’s strategic plan on the […]

Business Associate Agreement (BAA) Explained

HIPAA Compliant

If you work with Protected Health Information (PHI), you have probably heard mention of a business associate agreement. At WashU, it is essentially a contract between WashU and a business associate concerning the handling of PHI. Who is a Business Associate? It is a person or entity outside of WashU who creates, receives, maintains, or […]

Scam of the Month: DEA Impersonation

The Drug Enforcement Administration (DEA) is warning the public of a widespread fraud scheme where scammers impersonate DEA agents to extort money or steal personally identifiable information. DEA personnel will never contact members of the public to demand payment or sensitive information. No legitimate federal law enforcement officer will request cash or gift cards from […]

Splunk and CrowdStrike Server Installation Initiative

Data Center Servers

A campus-wide initiative is underway to improve computer security by installing the Splunk Forwarder and CrowdStrike on all servers by the end of June, as InfoSec Policy requires. The Splunk Forwarder gathers real-time log data from servers into a searchable repository. This log data can help detect and troubleshoot security incidents quickly and efficiently. CrowdStrike, […]