Information Security IncidentsReport suspected information security incidents, including suspected loss or discl
Resources
About Us
Comparisons
There are a couple of options for working with offline files with Google Drive and Google shared drives.
Choosing the most appropriate network is the best way to maximize the performance of your computer and mobile devices.
Good Practices
Challenge
Backups are essential. Your hard drive could fail, you could lose your device, it could be stolen, or you could get a malware infection that takes your files hostage.
Challenge
Older or unpatched software increases exposure to vulnerabilities in the operating system, application software, and apps that can allow attackers to control your system or steal your private data.
Overview of Storage Portfolio Restructuring InitiativeThe Office of Information Technology Storage and Hosting Services team is conducting phase 2 of the
Learn more about how to make your online experience safer and also help secure the University.
Challenge
Identity theft can happen to anyone at any time. It can be hard to immediately tell if you are affected, or to know who to notify.
To keep your device current, enable automatic updates and install updates when notified.
How-Tos
Adobe Cloud Storage does not meet the University's security policy requirements and should not be used to store University data. This article contains instructions on how to migrate your data to an alternati
Beginning in the summer of 2022, mapping of your Google Drive to the AppsToGo environment will be done using the Google Drive Desktop application.
BeyondTrust (Bomgar) is a safe secure and private way to allow the support personnel to view and control your computer.
BeyondTrust (Bomgar) is a safe secure and private way to allow support personnel to view and control your computer.
BeyondTrust (Bomgar) is a safe secure and private way to allow the support personnel to view and control your computer.
BeyondTrust (Bomgar) is a safe secure and private way to allow the support personnel to view and control your computer.
BeyondTrust (Bomgar) is a safe secure and private way to allow the support personnel to view and control your computer.
BeyondTrust (Bomgar) is a safe, secure, and private way to allow support personnel to view your computer screen.
This article is designed to assist in getting Box Drive installed on Health Sciences Technology (HST) supported devices.
When inviting an internal or external user as a collaborator within a folder, you will have the ability to set the level of access that user has to your content.
Sometimes when you're sharing a file with someone you know they will need it for only a certain amount of time, or perhaps legally they or you can only have access to it for a certain amount of days.
How do Box Notes work in folders that have been synced?
Box Notes are synced to your computer like other documents, and will appear in your Box Sync folder. (Note: Box Sync has been replaced by Box Drive.
While you are working in Box Notes Box Secure Storage automatically creates saved versions roughly every five minutes or after
You can choose the type of email notifications that you receive on actions taken within Box.
There are two ways to change or transfer folder ownership to another collaborator. Through the Collaborators menu in the right pane of a folder or from the Collaborators page of a folder.
Box Notes is an easy-to-use document creation tool built natively in Box and available to all Box users.
Box Notes is an easy-to-use document creation tool built natively in Box and available to all Box users.
You can create different file types or folders directly from your Box account.
You can delete files or folders that you own.
The University DOES NOT recommend downloading data when working with Box for secure storage.
Box Notes is an easy-to-use document creation tool built natively in Box and available to all Box users.
You should always be collaborating with only the people who need access to files and folders, and with the least amount of
Box Notes is an easy-to-use document creation tool built natively in Box and available to all Box users.
What is Box Secure Storage?
Box is a secure, cloud-based tool for storing and sharing sensitive data.
The Updates page provides logs of all the activity that is happening in your Box account. The updates page shows logs for actions taking place on files and folders such as:
Box Edit is an add-on feature that allows you to edit or create files directly on Box.
The recommended app to install and use to help you work with Box files from your desktop is Box Drive.
Box Secure Storage provides many security features designed to protect your sensitive data files. However, there are actions you can take to make sure your data stay protected while in Box:
Locking/Unlocking Files
If you are working on a file with other collaborators, be sure to lock files before opening them with Box Edit.
If you have not yet done so,
To hide collaborators, you must be the owner of the Collaboration Folder.
Events like leaving the university or changing roles can trigger a need to change collaboration levels or completely remove someone from a folder within Box.
This article is intended for migrating large amounts of data from Shared Drives or Folders into Box Secure Storage using the Box web interface.
This article is intended for migrating large amounts of data from Google Drive into Box Secure Storage using the Box web interface.
To print using Box Notes, click on the more options
Is the content in your trash?
Are you the owner or deleter of this content?
You should be removing a collaborator's access as soon as they no longer need the file or folder that you are sharing w
Sometimes a folder should only be accessible to other users within the University of Minnesota system. This article explains how to do this to a folder.
Shared links can be used to quickly get a collaborator directly to a shared file or folder.
Users should keep their collaborators (the people to whom they give access to folders) up-to-date.
While you can share with both internal and external collaborators through your Box account there are special considerations to take when sharing with alumni.
Tags in Box can help you organize and easily find your information.
Box keeps track of your file versions when you upload new files.
According to the Research Data Management Policy, the University of Minnesota owns all data created by faculty, staff, and
Why can't I see a folder I was invited to?
If a user is invited to collaborate on a folder and they do not acc
Each user has an unlimited amount of storage space available. However, individual files must be less than 15 Gb each. If you need to make files smaller use a compression tool such as 7-zip.
Box has several visual indicators that can help you easily understand things about the folder, such as collaboration level and ownership. The below is an overview of these icons and indicators.
Permission levels on Box follow a waterfall' design in which individuals only have access to the folder they are
You are able to upload individual files or entire folders into your Box account.
You can easily upload files or send attachments to a specific Box folder by email when you enable the Allow uploads to this folder via email option.
The University's preferred solution for editing Box data from your Desktop is Box Drive.
You can both create and edit files in Box using Microsoft Office Online Integration.
The Trash folder allows you to recover files and folders that have been deleted. By default, items in the Trash will be purged after 60 days.
There are various ways to integrate and update data within Box. This article covers the basics of the three ways you may want to modify data with Box and when or why you may want to use each.
Box and Sensitive Data
Box is a secure data storage and sharing tool that is the primary secure sharing tool for the University of Minnesota.
The University of Minnesota's Box Secure Storage may function differently than other university or personal Box accounts you have used.
Google Assignments (LTI 1.3) is the way to create an assignment based on a resource in Google Drive.
The University is transitioning from Google Docs Cloud Assignments to Google Assignments (LTI 1.3) and from Google Drive 1.1 to Google Drive (LTI 1.3) to maintain information security.
The most common issue people experience when using Google Drive in Canvas is an authorization error or authentication failure.
Description
This article will go through the basics of using the VPN before logging into a Windows device that has been shipped directly to a persons home and they have not logged into that device before.
What is Martin?
Martin is what Salesforce calls a full sandbox. That means that it is a complete copy of the production system.
Description
This article will describe how to resolve the following error in Cisco Secure Client:
For people leaving the University or changing departments, transferring team files to a shared drive may require transferring ownership of your work to someone else.
An article from Google that explains how to get approvals on files in Google Drive
After people leave the University, their UMN Google Workspace accounts close.
These instructions are for Shared Drive Managers and Content Managers. It is possible to add members who do not have a University of Minnesota email account to a Shared Drive.
Google shared drives are shared spaces where teams can easily store, search, and access their files anywhere, from any device. Faculty and staff have the ability to create shared drives.
If you are a user of a Windows computer supported by Health Sciences Technology (HST), you can connect to it remotely from another HST-supported computer, or from your personally owned computer.
You can install Cisco Secure Client on your University-owned or personal computer and connect to the Virtual Private Network (VPN) to remotely access University services or devices.
The following steps can be used to access cloud agent activation keys, installation instructions, and installers.
Manage Qualys scans through the VMDR module on the Scans tab.
Scan Option Profiles are the settings for a scan.
To create a new tag set, follow these steps.
The Dashboard tab on the VMDR module allows you to view, create or modify dashboards showing vulnerability information.
Before creating dynamic tagging rules, it is suggested to review Qualys’s documentation (linked below) on dynamic tagging.
Create or edit tags using the CyberSecurity Asset Management (CSAM) module.
You can add a widget to a dashboard by selecting the Add Widget button (it looks like a + sign inside a circle), which will open the Add or Customize Dashboard Widget Templates window.
The Reports tab of the VMDR module allows for creating, modifying, and scheduling vulnerability reports.
There are multiple ways to add a static tag to an asset.
Qualys authentication must originate from University IP space.
Qualys’s primary navigation is built on several modules.
If you want to perform a one-time ad-hoc scan, do the following.
Qualys onboarding is managed by University Information Security (UIS).
Agents are the preferred method of monitoring for vulnerabilities, but in some cases, network vulnerability scans will be required.
Qualys agents, called Cloud Agents, are the preferred method of monitoring for vulnerabilities on a system.
Assets and tagging are managed in the CyberSecurity Asset Management (CSAM) module.
This article describes the different types of user roles and how those roles will have their permissions scoped for users of the University’s Qualys implementation.
This article describes the tagging architecture that will be used in the University’s Qualys instance.
To access the Qualys knowledgebase, go to the VMDR module then select the KnowledgeBase tab and then the KnowledgeBase sub-tab.
In order to easily view all the assets tagged with a given tag, follow these steps.
Qualys is a vulnerability management tool used by over 10,000 organizations worldwide.
What is Don?
Don is what Salesforce calls a full sandbox. That means that it is a complete copy of the production system.
Cisco Secure Client is the primary Virtual Private Network (VPN) tool supported by the University of Minnesota. All VPNs require Duo Security Multi-Factor Authentication (Duo).
Installing Cisco AnyConnect VPN on ChromeOS devices.
These directions outline the process of installing the Cisco Secure Mobility Client and Diagnostic And Reporting Tool (DART) for Linux.
The Command Line Interface (CLI) is a mechanism for interacting with a computer operating system or software by typing commands to perform specific tasks, and is a valid way to use Secure Client.
The Command Line Interface (CLI) is a mechanism for interacting with a computer operating system or software by typing commands to perform specific tasks, and is a valid way to use Secure Client.
This guide is intended for those who utilize Chromebooks and other ChromeOS devices to use Cisco AnyConnect to configure the Virtual Private Networking (VPN) service on your device. For assistance in connecting,
This article provides step-by-step instructions to connect to the Virtual Private Network (VPN) client Cisco Secure Client using an Android or iOS device. For assistance in connecting, including Login Failed mess
Follow these instructions to connect to the Cisco Secure Client on your macOS, Windows, or Linux device.
Installation instructions for Cisco Secure Client VPN client for Mac.
This article covers installing Cisco Secure Client on a Windows computer with a University of Minnesota profile built in.
This article will walk you through connecting to UofM VPN natively with most versions of macOS 10.6. and newer.
Install the Cisco Secure Client on your iOS or Android device.
Some versions of Linux do not come with a Certificate Authority (CA) certificate that will recognize the University of Minnesota's certificate CA.
Determine if an application requires a Virtual Private Network (VPN) connection.
Troubleshoot installing the Client and session logs.
All Departmental Pools, Full Tunnel VPN, and Split Tunnel VPN Pools require Multi-Factor Authentication through
VPN groups with enterprise needs are termed Common Good VPN Groups. Currently the groups that meet this criterion are UofMvpn, UofMVPNNoLibraries,
Departmental Virtual Private Network (VPN) groups are virtualized networks that may or may not be serviced by the same platform as the common good VPN groups.
This page describes features of our VPN that may be of interest to LAN Administrators and Service Desk staff.
This article lists the firewall requirements (subnet protocols and ports) of our VPN service for LAN administrators and helpdesk staff.
This page describes design features of our VPN that may be of interest to LAN administrators and helpdesk staff.
You can send print jobs via WiFi to printers in UMN Computer Labs but first, you need t
You can easily print a document from your personal computer by connecting to a U of M print server via CampusCloud Print.
The Pharos Print app enables you to send a document from your mobile device to a U of M print server.
The Pharos Print app enables you to send a document from your mobile device to a U of M print server.
As student, staff, or faculty you are able to print in OIT-Managed Printing locations using your pe
Sometimes even if you've correctly added eduroam to your networks, you may have problems connecting.
This article provides troubleshooting instructions to re-enable WiFi connection to those who have been temporarily blocked from University WiFi on Lenovo and iOS devices.
Table of Contents:
Miniport WiFi Adapters are known to interfere with WiFi connectivity for Windows users. If you can no longer connect to the network or your connection is intermittent, check for these adapters and disable them.
This guide will help you to forget your WiFi network. Forgetting a network is often a helpful step when you are having problems connecting to WiFi.
Your android device will automatically find all wireless networks in range.
Aruba 303H access points are deployed in residence halls across the University of Minnesota Twin Cities campus. These will provide WiFi, and Ethernet access within a particular room.
To import a list of new departmental or unit-owned Internet of Things (IoT) devices, use the bulk import facility. This requires using a spreadsheet template with some default values.
This article will help you connect a Chromebook to eduroam.
At the University of Minnesota, personal and departmental Wi-Fi devices can be connected to the Internet of Things (IoT) service. Follow these steps to connect your device for the Encrypted IoT Service.
Connecting to eduroam WiFi with Windows on ARM requires additional steps compared to the desktop version of Windows 8.
If you have tried connecting to WiFi and are still having connectivity issues, downloading eduroam CAT (Conf
If you have tried connecting to WiFi and are still having connectivity issues, downloading geteduroam can generally resolve this
Have you tried everything and still can't connect to eduroam? Downloading the ed
A device's wireless (Wi-Fi) MAC address, also known as hardware or physical address, is used for connecting to the network.
UofM-Guest WiFi Network
Guests on campus may use the UofM-Guest network at no charge.
Visitors from eduroam-participating universities can obtain access to
At the University of Minnesota, personal and departmental Internet of Things (IoT) devices can be registered for the Wi-Fi service. The current IoT service option is the Encrypted Service.
Your iPhone or iOS device will automatically find all WiFi networks in range. On campus, you will see the UofM Networks: eduroam and UofM-Guest.
These are some of the known issues and their workarounds for connecting departmental and personal Internet of Things (IoT) devices for University of Minnesota IoT Wi-Fi service.
Connecting to Campus WiFi
Your Apple computer will automatically find all wireless networks in range.
Information about WiFi related policies.
At the University of Minnesota, personal Internet of Things (IoT) devices such as Xbox, PlayStation, Roku, Apple TV, etc can be registered for Wi-Fi service.
University of Minnesota departmental Internet of Things (IoT) devices such as door locks, sensors, and cameras can be registered for Wi-Fi service.
Devices like the Google Chromecast are designed for home networks.
University of Minnesota departments and units can register to connect departmentally-owned Internet of Things (IoT) devices such as door locks, cameras, sensors, and Apple TVs to the Wi-Fi service.
If you want to set the same password for a group of departmental or unit-owned Internet of Things (IoT) devices, you need to export a spreadsheet, edit the passwords and then import your new spreadsheet back into the
Registering personal and departmental Wi-Fi devices allows users affiliated with the UMN to connect devices such as Xbox, Roku, Apple TV, Google Chromecast, door locks, freezer monitors, and more to the Universit
Connecting to Campus WiFi
Your Windows 10 computer will automatically find all wireless networks in range.
IT Community Group
The University community collaborates with University Information Security to review and develop University of Minnesota information security policies and standards to protect University data and information tech
Planned Changes
Overview
In 2020, Box announced that it would no longer provide free and unlimited storage space for all data.
Overview
In February 2021, Google announced significant changes to its storage policy that ends unlimited storage for the academic community and rebranded
Resources
This University policy focuses on what you can and cannot do, and where to report violations of acceptable use.
Follow these steps to protect your personal information.
Virus protection for Mac. The Sophos Home Free version of Sophos Anti-Virus for MacOS is available for free.
A page with download information for Box Sync and moblie access apps for Box Secure Storage
Box Sync and Box Drive are two separate desktop applications that give users the ability to access Box content from the user's desktop environment.
The University of Minnesota (UMN) values the use of information technology in supporting the mission of the University.
A guide to help you correctly identify the security level required for your research data developed by the College of Liberal Arts Technologies and Innovation Services.
Security IncidentsReport suspected security incidents or issues and violations of University security policy to University In
To use Office of Information Technology (OIT) Storage and Hosting Services, all customers must onboard through the Customer Experience Standardization for Infrastructure (CESI) process.
This University policy provides information on how to report a suspected loss of private data, and includes information on the University process for notifying individuals of an information security breach.
Visit z.umn.edu/classify-data for assistance determining the appropriate data security classification or regulations for your data.
This University policy provides the University data security classification and helps you identify your security level for protecting the data.
Follow ten simple, customized steps from the Federal Communications Commission’s Smartphone Security Checker to secure your mobile phone.
Follow ten simple, customized steps from the Federal Communications Commission’s Smartphone Security Checker to secure your mobile phone.
Remind yourself and others about safe computing best practices by posting our handout.
Article from Google about how to access Google Drive and share and edit Google documents, slides, sheets, forms and drawings from within a Google Video Call (Hangout).
Google Support document outlining basic and advanced search options in Google Drive. Note: Scroll down and click on Advanced Search options.
Google Support document which outlines process for changing the way documents are shared in Google Drive
LinkedIn Learning instructional video on making changes to your view and the sort order in Google Drive
Google Support document on real time communication with another Google user who is also working on the same Google Drive document
This short video from LinkedIn Learning demonstrates how to convert a file into the Google Doc format.
Google Support information on the creation, deletion and moving of a folder in Google Drive
LinkedIn Learning video instructions on how to delete and recover files stored in Google Drive
Google Workspace Learning Center instructions on how to download and print files from Google Drive
LinkedIn Learning instructional video on the ability to collaboratively edit a single document in Google Drive with another Google user.
Limitations on file sizes in Google Drive
Locate a file if its parent folders no longer exist.
Keyboard shortcut commands for use in Google Drive
Google Workspace Learning Center guide on sharing files or folders with specific people, adding comments and replies, making edit suggestions, and working with suggested edits of Google Documents in Google Drive
Important considerations before moving or deleting information in shared folders.
LinkedIn Learning video guide to funcationality and navigation in the Google Drive application
Google Support document with instructions on recovering a Google Drive document
Google provided information on requirements for using Google Drive.
Google Support site reviews process of searching for files in Google Drive
LinkedIn Learning how-to video on searching for files and folders in Google Drive
LinkedIn Learning instructional video on how to share files from Google Drive with other users of Google
Google Support instructional document on sorting files in Google Drive
Suggesting an edit to others working on the same document
Information on tracking changes made to your files stored in Google Drive
Google Support document giving steps to change ownership of documents stored in Google Drive
Google Support document with instructions on uploads to Google Drive
LinkedIn Learning video how-to on uploading files to Google Drive
LinkedIn Learning instructional video on using stars to group files in Google Drive
Google Workspace Learning Center how-to guide on set up and use of Google Drive
A resource discussing several strategies, such as folder structure and tagging, that can help improve your Google Drive when used with departments or teams.
LinkedIn Learning instructional video on contributing to files shared with you through Google Drive
Google Support document outlining how to convert Office files to Google Doc format
LinkedIn Learning instructional video on the sharing of documents through Google Drive and responding to/adding revisions
LinkedIn Learning video instructions on creation and maintenance of folders in Google Drive
Google Drive offers two ways to create, share, and store files: Google shared drive and Google My Drive. Google shared drive should be used for files that should remain at the University after a person leaves.
When guests are granted access to information technology resources they must abide by all relevant University of Minnesota policies, as well as all current federal, state, and local laws.
Enable automatic updates of the the Mac operating system and apps you got from the App Store.
The University's Information Security Awareness & Training helps to inform and empower yourself about data and privacy good practices when you use a computer or mobile device.
This University policy provides the information security controls that are required to protect the data and University IT resources, and includes information on how to use the standards and request an exception.
This policy provides information about the Information Security Risk Management (ISRM) program, including identifying and tracking information security risks, developing plans for remediation, and providing guidance o
The SANS OUCH! Newsletters provide more information.
This is a command line tutorial primarily conducted in in the OS X command line. Because of OSX’s unix heritage, much of the info here is also useful in other unix inspired systems, like the Linux com
The following laws and regulations are related to information security:
Provides a list of the legitimate online services that are approved by the AAP, MPAA, and RIAA.
The launch page for the University's instance of Box Secure Storage
Safeguard the data on your computer with encryption and a password.
This resource from CloudFind provides some best practices for using Google Drive with your team.
University Policy on how to report information security incidents
Your data are valuable.
Report an Information Security IncidentReport suspected information security incidents immediately to University Information Security (UIS).
Call 911 if you fear for your safety.
Report email or other electronic harassment to University Information Security. Send email to [email protected]
If you suspect a potential security issue involving any private information—whether the information is on a computer, on paper, on the web, etc.—immediately report the details to University Information Secu
The UReport provides a way for University community members to report violations of rules, regulations and policies. The report can be made anonymously.
Report suspected potential data breaches immediately to University Information Security. Send email with details to [email protected].
University Information Security is available to consult on:
The Office of Information Technology (OIT) offers services designed to meet diverse data storage needs for the University of Minnesota.
Devices considered to be part of the Internet of Things (IoT) include printers/copiers, cameras, thermostats, refrigerators, alarm systems, medical devices, streaming systems, smart speakers, smart TVs, workout equipm
All Service Gateway users should follow the best practices listed below.
All Service Gateway users should follow the best practices listed below.
OIT customers can use Service Gateway, a web-based application, to manage their data network resources. Common uses include the following:
OIT customers can use Service Gateway, a web-based application, to manage their data network resources. Common uses include the following:
We have defined naming conventions for unit identifiers in Service Gateway as described below.
We have defined naming conventions for unit identifiers in Service Gateway as described below.
In addition to creating new storage services, the Storage Portfolio Restructuring Initiative (SPRI) developed new standards for storage shares and group management.
Hello there!
When traveling abroad, some foreign countries do not allow encryption.
University units and community members must ensure their electronic devices and other resources which store, transmit, or process University information meet the information security processes and standards.
PurposeThe following questions will assist units or individuals to review IT contracts or licenses for both cloud-based/off-site or on-premise/locally hosted IT services.
View maps showing WiFi coverage for University of Minnesota buildings.
If you encounter a location with poor WiFi connectivity on campus, pin the location on the UMN WiFi Feedback site. Network engineers are alerted, and where possible, take action to improve connectivit
Self-Help Guides
Box Secure Storage is a cloud storage and collaboration service configured to meet the University security standards for HIPAA data.
The Google Drive self-help guide provides how-to instructions for common tasks such as organizing and finding files and folders, sharing and working together on documents, and downloading and printing files.
University of Minnesota departmental and unit-owned Internet of Things (IoT) devices such as door locks, sensors, cameras, Apple TV, and more can be registered for Wi-Fi access even if they don't support standard auth
Students, staff, and faculty at the University of Minnesota can register personal gaming or streaming devices such as Xbox, Roku, Apple TV, and more for WiFi access even if they don't support WPA2 authentication
Did you know that many WiFi connectivity problems are the result of settings or other issues on individual users’ computers, phones and other mobile devices? The good news is many of these can be easily fixed.
User Stories
The benefits of student group work are well documented: