Letter from the CISO, Vol 5 Issue 5 WashU Community: In recognition of Cybersecurity Awareness Month, WashU IT’s theme for October is “Take Action and Reduce Online Risk.” But that’s what I always write about so, full speed ahead. Occam’s razor Many of you might be familiar with Occam’s razor, also known as the law […]
We reviewed the scams hitting the WashU community and chose the ones that fooled your colleagues and classmates the most. Don’t be the next one! Fake CAPTCHA – Verify You’re a Human Criminals create fake CAPTCHA pages to trick users into copying malicious code into their computer. To protect yourself, do not paste material into […]
Some of our most important information is stored on electronic devices. It’s critical that they’re safeguarded (and responsibly disposed of) when they’ve reached their end-of-life or are no longer needed. Improperly offloading your device makes your data vulnerable, creating opportunities for a breach. At WashU and around your area, there are services that you can […]
Storing important information on paper is a key part of our everyday lives. The need for safekeeping documents is essential while they’re in use and when it’s time for their disposal. Improper handling of documents can result in security threats, including bad actors gaining access to your information, the university’s, or our community’s data. Any […]
Cybersecurity Awareness Month 2025 is coming to a close. This year, we hosted a webinar, securely collected e-waste with the Office of Sustainability, held a banking security workshop with the Office of Financial Well-being, heard from industry experts at the BJC Cybersecurity Conference, and published weekly comics authored by the Office of Information Security. Below, […]
On October 15, Senior Director Information Security Operations and Engineering, Jason Murray, discussed previous security incidents on the WashU network and answered questions about cybersecurity. Those who could not attend or wish to revisit the presentation can watch a recording of the webinar on Microsoft Stream. Access to the recording is limited to the WashU community.
The HIPAA Privacy and Security Rules require entities, including WashU, to implement certain safeguards when communicating Protected Health Information electronically (ePHI). Consequently, WashU workforce members must ensure the confidentiality and integrity of ePHI by following the university-approved best practices and safeguards for electronic communications. For Patient Communications: For Provider-to-Provider Communications: For Email Communications Containing PHI: […]
The Office of Information Security (OIS) is dedicated to ensuring that WashU’s information security policies keep pace with the university’s evolving security needs and industry best practices. As part of this effort, we’re excited to share the 2025 Policy Update. Annual Review of the Policy Library This year, the Office of Information Security’s (OIS) Governance, […]