Project Type: Protect and Manage University Data
Enhanced Email Security for University Retirees
ActiveWhat is it? ITS is updating how University retirees access their emails. Instead of using the Outlook desktop application, retirees will now use their web browser to access their email. This change will not impact retirees’ ability to access UNC email on mobile devices. Why are we doing it? This change enhances the security of retirees’ accounts, which still have access to University information. By limiting the emails stored on personal devices, we can better… Read More about Enhanced Email Security for University Retirees.
UNC Guest Network Remediation
CompletedWhat is it? ITS Security is implementing configuration changes that will limit certain activities on the Guest Networks (UNC-Guest and UNC-Guest-PSK). The project will prepare the UNC Community for this upcoming change. Why are we doing it? Currently, the UNC-Guest Network is used extensively for purposes it was not intended for, for example University business. This use of the network creates a security and regulatory risk for the University. The configuration change will limit the… Read More about UNC Guest Network Remediation.
Security Policy Updates
ActiveWhat is it? The project centers on revising and updating policy, starting with the changes that will affect the security team the most. The first standard to be updated will be the Information Security Controls Standard. Why are we doing it? Policy is the starting and ending point of a security program. To implement a security program that ensures UNC utilizes technology both safely and responsibly, there needs to be updates to policy first. … Read More about Security Policy Updates.
Security Program Revision
Active, Key ProjectWhat is it? We’re making changes to the current information security guidance and processes on campus. Why are we doing it? To further ensure that UNC can utilize technology safely and responsibly, the university must meet regulatory, statutory and legal compliance obligations, as well as societal expectations about appropriate management of data that’s in the university’s custody. How does this impact our UNC community? Faculty and Students All UNC-Chapel Hill faculty, staff, students, and campus… Read More about Security Program Revision.
Email and Onyen Namespace
ActiveWhat are we going to do? This project is focused on establishing clear and consistent rules for email aliases at the University to prevent collisions and misrouting, and to create consistency that improves the security of our IT credentials. We’ll ensure that Onyen holders receive matching email aliases without allocating them to others. Why are we doing it? Our goal is to simplify things for University staff. We’re working on reducing technical complexities related to… Read More about Email and Onyen Namespace.
Secure Research Space (SRW)
Completed, Key ProjectWhat is it? The Secure Research Workspace is a secure virtual desktop for collaboration and storing sensitive information related to research studies, like patient or clinical trial data. The goal of this project is to establish a re-imagined and successful version of the Secure Research Workspace (SRW). The project will include a 3rd party assessment of the existing platform, a new infrastructure design, as well as a new compliance package, and 3rd party assessment of… Read More about Secure Research Space (SRW).
DUO Universal Prompt
CompletedDuo is one of the multi-factor authentication tools that the University uses to keep UNC’s systems safe and stay ahead of security threats. In February 2022, Duo released a new version of its web-based prompt that improves accessibility and can automatically send to the last authentication method you used to authenticate — speeding up the process. The new version has a different look with some changes in functionality so the change will be noticeable to… Read More about DUO Universal Prompt.
New Curriculum
CompletedAfter a three-year process involving hundreds of faculty, students, staff and other key stakeholders, the new General Education curriculum is being implemented for undergraduates beginning in fall 2022. This project implemented the system changes needed to support the new IDEAs in Action curriculum (IDEA stands for Identify, Discover, Evaluate and Act), which replaces the current curriculum adopted in 2006. For more information, visit the IDEAs in Action website.
ETL Redesign for Enterprise Data Warehouse
CompletedAs the Enterprise Data Warehouse grows, so does the time required to run the ETLs that keep it updated. (An ETL extracts, transforms and loads data from multiple sources to a data warehouse.) This project will redesign the nightly ETL for the Enterprise Data Warehouse to make better use of the after-hours time we have to run the jobs and to make it easier to diagnose problems.
Password Reset Using Duo 2-Step Verification
CompletedCurrently, when you set up your Onyen, you answer some questions about yourself. Later, if you ever forget your password, you can answer these questions to prove that “you’re you” and safely reset your password. This security model is no longer considered safe enough by the NIST (National Institute of Standards and Technology), the NIH (National Institutes of Health), REFEDS (the Research and Education FEDerations group), and the University’s own Information Security Office. Current guidance… Read More about Password Reset Using Duo 2-Step Verification.
Enterprise Firewall Migration
CompletedWhat is it? This project will migrate approximately 250 unprotected VLANs (“virtual local area networks”) to campus enterprise firewalls. Why are we doing it? Migrating these VLANs will prevent attacks and also limit the scope of attacks across the University. Onboarding the rest of campus will significantly expand the range and depth of the University’s defenses. It will also give ITS unprecedented awareness of which mission-critical systems we need to protect. How does this impact… Read More about Enterprise Firewall Migration.
New NIH Requirements for Identity Assurance
CompletedWhat is it? The National Institute of Health (NIH) is improving data security and is requiring stronger proof that a person logging into their system is who they say they are. The NIH uses the criteria defined in the REFEDS Assurance Framework to define levels of assurance. REFEDS, which stands for “Research and Education FEDerations,” is an organization that represents the requirements of research and education related to access and identity management. Why are we… Read More about New NIH Requirements for Identity Assurance.