Security Tools Information and FAQ
In a continued effort to ensure that the data entrusted to us is kept secure, the University has approved the deployment of security tools to each individual’s computer.
There are four security tools being deployed at this time:
Description of Software
Antivirus software helps fight pervasive software viruses, Trojans and root-kits.
Sophos is the University’s antivirus software. The software is free for all faculty, staff and students and is available for both work and home computer use
Patching software ensures operating systems and key University software programs are kept free from security vulnerabilities.
Absolute Manage (for Mac) and SCCM (for Windows) will be installed on computers to ensure that operating systems receive patches and anti-virus signatures to address potential vulnerabilities and security threats.
Identity Finder software looks for Legally Restricted information.
Identity Finder will be installed and run on computers to detect the presence of personally identifying information (SSNs, credit card numbers) and other legally restricted information that should be protected or removed.
Encryption software ensures that data stored on the device cannot be accessed without proper credentials when the computer is locked or powered off.
Pointsec is a whole disk encryption tool and will be installed on a computer if there is a need to store legally restricted or personally identifying information on the local hard drive. If possible, we encourage users to store this data on a network drive.
Who should I contact if I have a question that is not covered in this page?
University IT Help Desk
Phone: 585-275-2000 (x52000)
Frequently Asked Questions for Patch Management:
1. Who is the target community?
All University of Rochester owned Microsoft Windows and Apple Mac OS based computers
2. Why are some members of the academic community being asked to install the software and not others?
We are deploying the tools to those in staff functions first. Deployment to faculty will be evaluated after the completion of a pilot to a select group. We are not deploying the solutions to machines personally owned by faculty, staff or students.
3. Does the software allow access to any of my personal information to administrators?
No additional access to documents and files stored locally on the machines is given by having the software installed. Information about the health of the device and versions of software will be collected by the University IT helpdesk to ensure routine maintenance is completed.
4. How often will this software be launched and by whom?
The patch management software will run when new patches are available and need to be installed on your machine.
5. Will I know who is attaching to my machine if that is required?
No one will be attaching to your computer; the software runs in the background.
6. What are the known issues presented with this software and other software I may have on my machine?
Currently, there are no known issues with this software and other software that may be installed on the machine.
7. Do I need to do anything?
Once the software is installed on the machines, the only interaction required is the periodic rebooting of the machine. We recommend that you reboot your machine at least once a week but no less than once a month is required.
8. Does this work from off campus and how?
The software will only work from off campus if you connect to the University Network via VPN. The software will then function as if you were on campus. We recommend that you connect to the University Network weekly if you are going to be off campus for an extended period of time, but no less than monthly.
9. Can I get the software removed if my computer is "disposed" and I want to take it for personal use
Computers that will be “disposed” and/or taken for personal use should have the hard drive either wiped clean or the hard drive itself physically removed and destroyed. The software that has been previously installed on the machine may not be licensed properly for “home” or “personal” use. Software licenses that have been previously used on the computer may be “reclaimed” and/or “re-used”. Wiping the hard drive is the easiest way to ensure that the University of Rochester is abiding by all software End User License Agreements and that we are not inadvertently subjecting the University of Rochester to hefty fines from software vendors.
10. How often are updates pushed out to my computer?
For Microsoft Windows based computers, normal patches are released by Microsoft on the second Tuesday of each month. University IT downloads the patches and distributes them to test machines during that week. If no issues are detected, the patches are released the following Monday for general installation. Unless a machine is assigned into a special group, the next time client checks in for new policies, it will determine which patches are relevant and pull them locally from the server and begin the installation.
11. I am concerned about potential loss of work; does the computer automatically restart when the updates are pushed out?
The default policy, unless prior arrangements have been made, it to specifically NOT automatically restart the computer after updates are installed. Instead, the logged in user will be notified via an icon in the taskbar that a reboot is needed to finish the installation. When convenient for the user, the machine must be manually restarted.
Frequently Asked Questions for Identity Finder:
1. How often will this software be launched and by whom?
Identity Finder will run automatically on a monthly schedule determined by your departmental Data Security Liaison. Contact your liaison or IT support staff to find out the schedule for your department. Identity Finder can also be launched manually by you at any time to search for sensitive data.
2. What options are available to the user for the results if any?
- If the matches are false positives, use the Ignore option within Identity Finder. The files will not be touched, but will no longer show up in the results list.
- If the files with sensitive data are no longer needed, use Identity Finder’s Shred function to securely delete them.
- If the files with sensitive data are needed, but the identifying information is not needed, please remove the identifying information from within the files. The Scrub function in Identity Finder is able to do this with some file types.
- If the files with sensitive data are needed and the identifying information must be kept, leave the files in the list and DO NOT TAKE ANY ACTION within Identity Finder.
- The collection must be reported to University IT through this website: http://www.rochester.edu/it/policy/ssn-pii/.
3. Does it work from Off campus and how?
You cannot install Identity Finder while you are off campus. However, once Identity Finder is installed, you can run searches while off campus. Scheduled monthly searches will also run when you are off campus.
4. Who has access to the results of the scan other than me?
The specific PII match data (such as SSN, credit card or bank account numbers) are not accessible by anyone but you. The following data is reported to the central Identity Finder server: computer name, match location, counts of findings, and username that ran the search. This data is used by University IT and your Data Security Liaison for reporting purposes only.
5. Will this program have to stay on my computer indefinitely?
The program will stay on indefinitely for those faculty and staff working in “high risk” areas. For those not working in “high risk” areas, the program may be removed after a user has 3 consecutive months with no legally restricted information identified on the reports. Desktop support and data security liaisons have the list of “high risk” departments.