Resources

Comparisons

Choosing the most appropriate network is the best way to maximize the performance of your computer and mobile devices.

Good Practices

As a rule, do not share downloaded materials with others via peer-to-peer software like BitTorrent or other torrent applications.
Email scams (known as phishing) are a common method to trick you into visiting a fraudulent website, opening an infected document, or logging in to "validate your email account."
To keep your device current, enable automatic updates and install updates when notified.
Downloading or sharing software, entertainment, or images may violate United States copyright law. Many torrent applications default to continue sharing your downloads with other users.

Planned Changes

Stay secure and connected!
For Instructors
Try the troubleshooting tips below if Duo isn't working for you. If you need additional assistance contact Technology Help 24/7.
Congratulations on your new phone! Learn how to reactivate, add, or remove phones with Duo.
Even if you have no access to WiFi or cellular service, you can still use Duo Security.
Duo’s "Remember Me" feature saves you time while keeping your information safe. It is like the "remember my computer" or "keep me logged in" options you may have seen on other websites.
You can use Duo authentication when traveling internationally, unless you are traveling to a U.S. embargoed country.

Resources

This University policy focuses on what you can and cannot do, and where to report violations of acceptable use.
Departments may also sponsor an internet account for a University-affiliated individual, as long as that individual provides a service or function that directly impacts students, faculty, or staff.
A single SAML entityID can be used for many different servers, both physical and virtual.
Reitired: redirected to Compare Authentication Options page https://it.umn.edu/comparison/compare-authentication-options
An Entity ID is something that you choose as a SP. This page should help you choose a good entityId for your shibboleth configuration.
A guide to help you correctly identify the security level required for your research data developed by the College of Liberal Arts Technologies and Innovation Services.
Once you have the Apache Shibboleth Module installed and configured, you can add Apache Auth directives to any appropriate content-control block ( <Directory>,<File>, <Location>) in your virtual host
Overview In this file you are telling Shibboleth a few key pieces of information so it knows how to authenticate your users. Those items are
If you've gotten this far, you have probably already chosen an Entity ID. If you have not, please see the Choosing your Shibboleth Entity ID topic.
Users agree to comply with the laws or regulations of the United States Department of Commerce, the United States Department of Treasury Foreign Assets Control, or any other applicable United States foreign agency or
This resource shows a world-wide map of locations where you can access eduroam.
This link goes to eduroam's official list of participating institutions. 
This four-minute video shows how to enroll a variety of devices, such as cell phones, for use with Duo two-factor authentication.
Learn to store, sync, and share files with Google Drive.
When guests are granted access to information technology resources they must abide by all relevant University of Minnesota policies, as well as all current federal, state, and local laws.
For an overview of the sequence of events during Shib authentication see: Understanding Shibboleth: How It A
Enable automatic updates of the the Mac operating system and apps you got from the App Store.
This policy provides information about the Information Security Risk Management (ISRM) program, including identifying and tracking information security risks, developing plans for remediation, and providing guidance o
U faculty and staff can use this password manager after checking with their technology support staff. For those in a health care component area, store the password database on a University managed device.
For web-based single sign on, you should use Shibboleth authentication instead.
The InCommon certificate service allows for delegated administration, so designated people can submit and approve certificates for their department without intervention from OIT.
Provides a list of the legitimate online services that are approved by the AAP, MPAA, and RIAA.
Through the InCommon Federation, University of Minnesota researchers can access national research and scholarship applications and web services, such as virtual organizations and
The Payment Card Compliance Office and University Information Security (UIS) work with departmen
Report an Information Security Incident
Digital Millennium Copyright Act (DMCA) Designated Agent Notification Procedures
Call 911 if you fear for your safety. Report email or other electronic harassment to University Information Security. Send email to [email protected]
If you suspect a potential security issue involving any private information—whether the information is on a computer, on paper, on the web, etc.—immediately report the details to University Information Security
The UReport provides a way for University community members to report violations of rules, regulations and policies. The report can be made anonymously.
Report suspected potential data breaches immediately to University Information Security. Send email with details to [email protected]
University Information Security is available to consult on:
Sometimes you may want to retrieve additional attributes about the user after the user authenticates.
Service Gateway users should follow these practices:
Service Gateway users should follow these practices:
All Service Gateway users should follow the best practices listed below. During Migration During migration, Service Gateway users should do the following.
All Service Gateway users should follow the best practices listed below. During Migration During migration, Service Gateway users should do the following.
OIT customers can use Service Gateway, a web-based application, to manage their own voice and data network connections. Common uses include the following.
OIT customers can use Service Gateway, a web-based application, to manage their own voice and data network connections. Common uses include the following.
We have defined naming conventions for unit identifiers in Service Gateway as described below.
We have defined naming conventions for unit identifiers in Service Gateway as described below.
Each management ID (MID) must have one primary user, who is ultimately responsible for all jacks managed within a unit; this is a significant role.
Each management ID (MID) must have one primary user, who is ultimately responsible for all jacks managed within a unit; this is a significant role.
Current Service Gateway users can use the tool to request services. Others can access the tool by requesting migration.
Current Service Gateway users can use the tool to request services. Others can access the tool by requesting migration.
When a unit is migrated into Service Gateway, training for the primary and secondary users is required. Training is available at no charge.
When a unit is migrated into Service Gateway, training for the primary and secondary users is required. Training is available at no charge.
Each management ID (MID) must have a minimum of one secondary user. Multiple users are recommended to ensure back-up. Primary and secondary users have similar responsibilities.
Each management ID (MID) must have a minimum of one secondary user. Multiple users are recommended to ensure back-up. Primary and secondary users have similar responsibilities.
Standard users have access rights assigned to them by the primary and/or secondary users of the MID.
Standard users have access rights assigned to them by the primary and/or secondary users of the MID.
Primary, secondary, and standard users are assigned user access rights at the discretion of the primary and
Primary, secondary, and standard users are assigned user access rights at the discretion of the primary and
During migration to Service Gateway a management ID (MID) is assigned to the unit. An MID is simply a unique identifier in Service Gateway, used to associate all voice and data network services to a department/c
During migration to Service Gateway a management ID (MID) is assigned to the unit. An MID is simply a unique identifier in Service Gateway, used to associate all voice and data network services to a department/c
Common Error Messages
Picking an entity ID If you have not done so, please read Choosing your Shibboleth Entity ID
Official installation instructions are on the official Shib wiki.
Download For now, please see the official Shib Wiki docs on Windows installation.
These are some of the important concepts and terminology used when talking about SAML or Shibboleth.
Understanding Logout
(See also InCommon's Cert FAQ, which includes browser/device support lists.)
SSL certificate code to proceed to the enrollment form on the InCommon certificate enrollment site:
Web/System administrators who request SSL certificates can go here when having problems connecting to a certificate request page.
Hello there! Please connect to eduroam. 
Cohesive Service
Meeting slides from the Email Technical Coordinators meetings, 2004-2008 are archived below. 
When traveling abroad, some foreign countries do not allow encryption. 
Get a list of the current ports and other things that are blocked at the University's border. You must sign in as a University employee to see these network filters.
This one-minute video demonstrates how to use a push method on your mobile device to authenticate with Duo two-factor authentication.
Google APIs use the OAuth 2.0 protocol for authentication and authorization. Google supports common OAuth 2.0 scenarios such as those for web server, installed, and client-side applications.
The University uses a two-factor authentication system for users who need access to its enterprise-level applications, to ensure another level of security when working with sensitive data.
Please review the embedded Google spreadsheet below to determine if an application requires a Virtual Private Network (VPN) connection.
University WiFi updates mean improved coverage, performance, and stability.
View maps showing wifi coverage for individual University of Minnesota buildings.
If you encounter a location with poor WiFi connectivity on campus, pin the location on the UMN WiFi Feedback site. Network engineers are alerted, and where possible, take action to improve connectivity. 

Self-Help Guides

Box Secure Storage is a cloud storage and collaboration service configured to meet the University security standards for HIPAA data.
Duo Security is the University's way of adding another layer of security to the information you access online.
Learn about Shibboleth, an open-source single sign-on infrastructure, and how to install and configure it.
Did you know that many WiFi connectivity problems are the result of settings or other issues on individual users’ computers, phones and other mobile devices? The good news is many of these can be easily fixed.