Author: Cerrigione, Christopher

Risk and Compliance Self-Assessment Questionnaire

Starting this week, ITS Information Security Office is sending a Risk and Compliance Self-Assessment Questionnaire to designated IT professionals in each school, college, campus, and department.  The purpose of the questionnaire is to collect information about systems, services, and data that will inform efforts to continuously strengthen UConn’s information security posture. In addition to identifying institutional security gaps, this questionnaire also assists UConn in maintaining compliance with federal regulations, policies, procedures, and best practices in areas such as FERPA, HIPAA, PII, backups, and incident response. For more information, visit

Wireless Risk, Patch Your Personal Devices

The most commonly used security standard for Wi-Fi networks has been compromised.  A recent Key Reinstallation Attack (KRACK) breaks the handshake that encrypts the connection, and cyber criminals could target nearby Wi-Fi networks. There have been no reports yet of this vulnerability being actively exploited. However, ITS recommends that you take action to protect your devices and data.

The intended targets of this attack are end-user devices.  ITS-supported clients will be patched by ITS, and we strongly encourage that you install security updates on personal devices that connect to a Wi-Fi network as soon as they are available.  Microsoft has patched their operating systems, and Apple will be releasing fixes shortly.  Those with Android smartphones should check with their phone manufacturer or mobile carrier for updates.  Other devices, such as individual wireless routers, should be updated with vendor provided patches.

Please note: You are safe if your connection has other protection, such as HTTPS or VPN.

For more information or assistance, contact the ITS Help Center at

Phishing Scam Alert

The following phishing scam from a email address is circulating again (see 9-5-17 post).

We will be Shutting Down your Account due to suspicious Activity and Login from a Different IP with your Account which have made us take this decision to safeguard your Account. To avoid Shutting Down of this Account you will be Required to CLICK THIS LINK now and Submit Details as you have just 24Hrs to confirm your Account.

System Administrator.

If you receive this message:

  1. Do not click on any links, and do not provide your information. ITS and other University organizations will not send unsolicited requests for UConn credentials or other personal information.
  2. Forward the message to
  3. Delete it from you inbox.

If you clicked on the links:

  1. Change your NetID password immediately.
  2. Set up or change your “secret questions and answers” for your NetID account.

For more a more in-depth discussion of how you can spot phishing scams and protect yourself, please see “Phishing attacks and how to avoid being scammed”.

Contact the ITS Help Center at 860-486-4357 is you need assistance.