Archives

VPN and Secure Remote Access

Vpn - Free security icons

Overview and Key Features:

Members of the University community must secure their access to sensitive systems and protect themselves when connecting from remote locations, such as while traveling or working from home. Virtual Private Networks (VPNs) allow a user to route their computer’s internet traffic through a specific network while not directly connected to it. U of T offers two VPN tools for different purposes:

  • UTORvpn: A general remote access VPN that protects connections and allows users to connect to the campus wireless network remotely.
  • AdminVPN: Allows the owners of administrative and academic systems, as well as department administrators, to enforce strong authentication and secure connections.

Help - Free computer icons   Getting Started:

  1. Download the Cisco AnyConnect VPN client (for desktop) or the Cisco AnyConnect app (for Android/iOS).
    • Installation instructions for the Cisco AnyConnect VPN client can be found below.
  2. Open the Cisco AnyConnect client. Enter or select “general.vpn.utoronto.ca” and click Connect.
  3. An authentication window will open for the group “UofT Default”. If you need all network traffic (including video streaming) routed via VPN, select “UofT Full”; this is not recommended.
  4. Once the group is selected, enter your UTORid and password. Click OK.
  5. Your computer will notify you that it is now connected to UTORvpn.

Question mark - Free communications icons   Get Help:

For detailed connection walkthroughs, see the Enterprise Service Centre (ESC) Knowledge Base:

For all other VPN service inquiries, create a ticket on the Enterprise Service Centre (ESC).

SentinelOne for Managed Desktops

SentinelOne | Marketplace and Integrations | ThreatConnect

Product overview - Free business icons   Overview and Key Features:

Only IT administrators or divisional leads may request this service on behalf of their units. Individual users should contact their local IT administrator for help with service requests.

Advanced endpoint protection provides next-generation anti-virus protection for university-owned user devices and servers. It gives units delegated access to manage their endpoints, including visibility on security alerts generated by the endpoint solution. This service enables quick detection of and response to attacks and device compromises.

This service is institutionally funded and comes at no cost to units for level 1 support.

Help - Free computer icons   Getting Started:

Question mark - Free communications icons   Get Help:

To request support, as a unit administrator:

To request support, as an end user:

Research Cyber Security Consultation

Product overview - Free business icons   Overview and Key Features:

Research cyber security consultations are virtual (or, if required, in person) meetings between RISP and researchers, research-supporting staff, project teams or students. During a consultation, RISP will answer your security questions/concerns and provide you with current guidance based on the University of Toronto’s policies, standards, procedures and guidelines, as well as general cyber security best practices.

Help - Free computer icons   Getting Started:

Open an Enterprise Service Centre ticket to contact the Research Information Security Program.

Question mark - Free communications icons   Get Help:

Cyber and Data Security

Geopolitical and collaboration risk

Resources

Privacy Impact Assessment

Assessment - Free seo and web icons

 

Product overview - Free business icons Overview and Key Features:

The Privacy Impact Assessment (PIA) service allows users of information technology to assess the impacts and risks related to the use of personal information for staff, faculty and students. PIAs are done as part of vendor and application reviews to identify privacy and compliance risks. However, it is recommended that any changes to data flows to existing processes also undergo PIAs to avoid non-compliance with FIPPA requirements.

Help - Free computer icons   Getting Started:

Question mark - Free communications icons   Get Help:

Privacy policy guidance

Freedom of Information and Protection of Privacy (FIPP) Office

Contact the Security team with questions at security@utoronto.ca

1Password

,

Overview and Key Features:

1Password is a cloud-based, cross-platform password management solution that allows users to organize and store all passwords in one secure place.

Password re-use (using the same password across multiple accounts) is a significant contributor to data breaches, as stolen credentials can be exploited to gain unauthorized access to other accounts. To address this vulnerability, the University of Toronto has acquired 5,000 1Password Business licenses for staff, faculty and librarians and six years of 1Password Families at no cost for students.

Getting Started:

To set up your 1Password account, visit:

Get Help:

For more information and FAQs, visit the password manager page.

Form - Free communications icons1Password Onboarding Form

Guide - Free education iconsUsage guide for Faculty and Staff

Guide - Free education iconsUsage guide for Students

Enterprise Active Directory (EAD)

Test - Free interface icons   Overview and Key Features:

Enterprise Active Directory (EAD) is a platform that provides authorization, roles and group services. It is a central database containing users’ information that is used for authentication and authorization. EAD is integrated into almost all major computing systems in the University and provides access to services such as Office 365.

There is no specific front-end usage of EAD. What it does remains transparent while it authenticates and authorizes you to access services – no action is needed from users. For additional information about EAD, see the Enterprise Service Centre Knowledge Base.

Start - Free time and date icons   Getting Started:

There are over 65 separate instances of active directories within U of T. If you are managing one of these instances and would like to integrate with EAD, please submit a ticket through the Enterprise Service Centre to discuss your application.

Help - Free computer icons   Get Help:

EAD is managed and maintained by the Identity and Access Management (IAM) team. To contact IAM about EAD, please create a ticket through the Enterprise Service Centre.

There is a mailing list for EAD, which is used to send messages about the bi-monthly update meeting. To subscribe, send an email containing “SUBSCRIBE ENTERPRISEAD-L” in the message body to listserv@listserv.utoronto.ca.

Incident Response

Product overview - Free business icons   Overview and Key Features:

The incident response service monitors and responds to notifications of compromised U of T accounts, potentially compromised systems and phishing or other malicious emails to help protect the University’s community members, data and devices.

Depending on the scale of the information security incident, the Incident Response team can provide advice or full management of incidents from start to finish.

Help - Free computer icons   Getting Started:

Low severity incidents:

For low severity incidents, such as a compromised account or clicking a link in a phishing email, contact security.response@utoronto.ca.

Medium to critical severity incidents:

For information about medium to critical severity incidents, refer to the Incident Response Plan. If you are experiencing a medium to critical severity incident, complete the incident intake form.

Question mark - Free communications icons   Get Help:

Those involved in responding to information security incidents at the University should refer to the incident response tools and resources and the Incident Response Plan for guidance.

For incident response inquiries, contact security.response@utoronto.ca.

 

Information Risk Assessment

  Cyber security - Free security icons

 Assessment - Free wellness icons   Overview and Key Features:

The information risk assessment is a systematic evaluation process designed to identify, analyze and manage potential risks associated with projects and vendors (applications, hardware, service providers or any other vendors where data collection, storage or transfer may be involved). Regular risk assessments allow organizations to stay ahead of potential vulnerabilities, ensuring that the mitigation, avoidance, acceptance or transfer of identified risks remains effective over time.

This assessment is a proactive measure to enhance information security practices and maintain a resilient and secure environment at U of T. It is a valuable tool for those involved in projects and vendor relationships, such as project teams, departments and vendors engaged with the University, and it promotes a culture of risk-aware decision-making and continuous improvement.

Help - Free computer icons   Getting Started:

Get Help:

Feature - Free interface icons   Information Security Handbook

Explore the handbook to get actionable steps and helpful information for your cyber security questions and requirements. This handbook is a trusted resource created by the Information Security team for the U of T community.

Visit the Information Risk Assessment guide for more information.

 

UTORGrouper

Team management - Free people icons

Overview and Key Features:

UTORGrouper is the controlling authority for groups at UofT. Grouper simplifies group management by allowing you to delegate group management or visibility. Grouper enables you to manage your unit’s access groups centrally and have them flow to other services.

Help - Free computer icons   Getting Started:

If you’re an application administrator and need help connecting to Grouper, email utorgrouper.admin@utoronto.ca to create an ESC ticket. You’ll get an autoreply with a link to the ticket.

Documentation - Free business and finance icons   Useful Guides: 

Grouper currently handles approximately 100 applications, with many more expected to be added over time. Your first point of contact for help is the application administrators or your help desk.

If you’re an application administrator and need help connecting to Grouper, email utorgrouper.admin@utoronto.ca to create an ESC ticket.

UTORid

Overview and Key Features:

The UTORid (along with a password) is a user identifier used to access many University of Toronto services. Some applications requiring the UTORid include:

Help - Free computer icons   Getting Started:

Question mark - Free communications icons   Get Help:

To troubleshoot issues with your JOINid or UTORid, see articles on the Help Desk Knowledge Base before contacting support.

Documentation - Free business and finance icons   UTORid FAQs

Information Commons Help Desk