Starting this week, ITS Information Security Office is sending a Risk and Compliance Self-Assessment Questionnaire to designated IT professionals in each school, college, campus, and department.  The purpose of the questionnaire is to collect information about systems, services, and data that will inform efforts to continuously strengthen UConn’s information security posture. In addition to identifying institutional security gaps, this questionnaire also assists UConn in maintaining compliance with federal regulations, policies, procedures, and best practices in areas such as FERPA, HIPAA, PII, backups, and incident response. For more information, visit security.uconn.edu/risk-management.

The most commonly used security standard for Wi-Fi networks has been compromised.  A recent Key Reinstallation Attack (KRACK) breaks the handshake that encrypts the connection, and cyber criminals could target nearby Wi-Fi networks. There have been no reports yet of this vulnerability being actively exploited. However, ITS recommends that you take action to protect your devices and data.

The intended targets of this attack are end-user devices.  ITS-supported clients will be patched by ITS, and we strongly encourage that you install security updates on personal devices that connect to a Wi-Fi network as soon as they are available.  Microsoft has patched their operating systems, and Apple will be releasing fixes shortly.  Those with Android smartphones should check with their phone manufacturer or mobile carrier for updates.  Other devices, such as individual wireless routers, should be updated with vendor provided patches.

Please note: You are safe if your connection has other protection, such as HTTPS or VPN.

For more information or assistance, contact the ITS Help Center at techsupport@uconn.edu