ITS and UVa logos for printed output

ITS Services Catalog

Services for Category: Security

Search for a Service:

[ Services By Category | Alphabetical Index of Services ]

Here is a list of ITS services related to the category of Security.

2-Step Login (Duo)
Two-Step Login provides an additional security layer by requiring 2 types of authentication to verify a user's identity. This 2-step process, something you may already use for online banking or paying bills, will help protect institutional and personal data by adding extra security to NetBadge-protected resources. More info »
Access Management
Management of user access to central IT systems; services include:
  • General computing accounts support
  • Identity verification; UVA Identity Token pick up/drop off
  • Specialized data access to HR/Finance, SIS, Document Imaging and Management Services (formerly ImageNow) and VITA
More info »
Annual Security Reporting (IT-RM) Program
The University of Virginia is committed to preventing incidents that may impact the confidentiality, integrity, and availability of information assets. In accordance with the University's Information Security Risk Management Program (IS-RM) Policy, all departments are required to complete an annual risk assessment to evaluate the effectiveness of IT security controls within their environments. This survey is intended to guide your department in conducting the required risk assessment, which includes updating the department's mission, business continuity plan, and disaster recovery plan. More info »
Anti-Phishing & Security Awareness
Phishing is a fraudulent attempt, usually made through email, to steal your personal information. The best way to protect yourself from phishing is to learn how to recognize it. More info »
CrashPlan (Desktop Backup Service)
CrashPlan is a cloud-enhanced desktop backup service. Code42 securely backs up your endpoint devices to the cloud, while keeping the security keys to your content safely in UVA's control.

CrashPlan provides:
  • Cloud storage for backup of up to 4 endpoint devices per user
  • Protection against crypto-ransomware and other malicious software that destroys/encrypts content on end-user devices
  • Protection of University data on endpoint devices from loss due to hard drive failure, computer failure, etc.
More info »
Emergency Notification
Emergency notification includes Mass Email, UVA Alerts, LED Display, and other services.

Emergency Notification Systems are used by an authorized group of people (primarily the University Police Department) to send time-sensitive emergency messages using multiple notification modes to all faculty, staff, and students in the Charlottesville area. This includes:
  • An email message to your primary University email account
  • Displays in classrooms of 150 or more
  • Emergency messages on all HooView-participating displays and departmental displays subscribing to the Display Override option
More info »
ITS's Level III Firewall Service supports customized secure zones within the UVA network. Typically these are for small groups of departmental servers that have specific access requirements which cannot be accommodated on the (free) UVA More Secure Network. Service features are customized to the instance. Several standard options are available:
  • University Data Center Shared Departmental Firewall
  • University Data Center Private Departmental Firewall
  • Departmental Firewall
  • Redundant Departmental Firewall Pair with Failover
More info »
Identity Tokens (UVA Identity Tokens)
The UVA Identity Token is used for identifying a user to various systems requiring two-factor authentication. Tokens are provided to any University affiliate who needs one to access networks or servers protecting sensitive data, or other systems that require two-factor authentication. More info »
LDAP (Lightweight Directory Access Protocol)
Lightweight Directory Access Protocol (LDAP) service at UVA is a directory of publicly-accessible information about UVA people, containing a subset of the available data in the UVA User Database.
Public LDAP can be used to look up registered email addresses, office phone numbers, etc. for members of the UVA community. UVA users who have elected to make all their information private do not appear in this search. Public LDAP is also used by the UVa People Search Web Interface.
Many University Web applications protected by the NetBadge service access the Private LDAP service to determine whether a user is authorized to use that application based on their status as a faculty, staff, or student. More info »
NetBadge verifies a user's identity for those UVA websites, services, and applications that need to restrict access to certain groups or protect content. NetBadge is not an ITS computing account.

When attempting to connect to anything secured by NetBadge, you must log in to NetBadge with either: All traffic and actions on the UVA network are subject to University policies. By connecting to the University's network, you acknowledge and consent to these terms.

ITS provides information to developers on configuring Web application server access to single sign-on login services with NetBadge. More info »
Report a Security Problem
Information Security responds to reports and complaints about the abuse of information resources, malware infections, and legal concerns. Complaints about unwanted or phishing emails, problems with unsolicited mailing list messages, etc., should be emailed to Security incidents are reported by completing the report form. More info »
SecureUVA Initiatives (Security Enhancement Program)
Information Security is implementing technical solutions to thwart malicious activities. For a list of projects, their goals, and estimated timelines of completion, visit the SecureUVA website (NetBadge credentials required to access website). More info »
Security and Sensitive Data Scanning
  • Networked Device Security Vulnerability Scanning

    Internet Security Scanning (ISS) allows a user to request that a set of machines on the UVA network be scanned for known vulnerabilities. The vulnerability database is updated regularly to enable detection of recently discovered vulnerabilities for all operating systems. After the scan has been run, a report will be emailed to the requester detailing the findings from the scan. For more information and to request, see
  • Web Application Security Vulnerability Scanning

    Server-based software that runs security tests against Web applications and/or operating systems and installed software. Detailed reports from the scanner provide mitigation techniques and fixes that can be implemented in a timely manner. For more information and to request, see Web Application Vulnerability Scanner.
  • Sensitive Data Scanning

    Support and assistance for departments to scan and remediate server shares and end-user computers for highly sensitive data using Identity Finder client and server software.

    Request via email. More info »
Security Consultations
Consultations provided on all Information Security topics. Consultations may take the form of an email, telephone call, and/or meeting. More info »
Shibboleth - Usage Configuration
Configure the trust mechanism between Shibboleth and the service provider. More info »
SSL Server Certificate Service
A secure socket layer (SSL) server certificate is used for securing communication with Web servers. The ITS SSL server certificate service leverages the InCommon Federation and Internet2 to provide a cost-effective commercial solution to its members including ITS. Though this service, SSL server certificates are available for free to departments with any domain name owned by the University. More info »
Storage - RESSCU - Tertiary Storage for Disaster Recovery
RESSCU (Remote Electronic Storage for Safeguarding Continuity of the University) provides remote storage for disaster recovery (DR) at Virginia Tech in Blacksburg, Virginia. This is a service that provides access and a location to store DR data, but not the transfer unless requested specifically. More info »
Virtual Private Network (VPN)
The UVA Virtual Private Network (VPN) service provides authorized users secure, authenticated access to resources normally limited to on-Grounds use. UVA offers three VPN service profiles:
  • UVA Anywhere: Provides an off-Grounds connection to resources that normally require you to be on Grounds to use them; e.g., Library resources, the UVA Home Directory Service, the Exchange Server, servers restricted by departments, etc.
  • Joint VPN: Enables academic users to access high-security network resources from on- or off-Grounds.
  • UVA More Secure Network: Enables access for faculty and staff to resources protected by the More Secure Network, from on- or off-Grounds. Learn More about the UVA More Secure Network.

All traffic and actions on the UVA network are subject to University policies. By connecting to the University's network, you acknowledge and consent to these terms. More info »

  Page Updated: Wednesday, 2013-07-03 10:01:58 EDT