Archives

VPN and Secure Remote Access

""   Overview and Key Features:

Members of the University community must secure their access to sensitive systems and protect themselves when connecting from remote locations, such as while traveling or working from home. Virtual Private Networks (VPNs) allow a user to route their computer’s internet traffic through a specific network while not directly connected to it. U of T offers two VPN tools for different purposes:

  • UTORvpn: A general remote access VPN that protects connections and allows users to connect to the campus wireless network remotely.
  • AdminVPN: Allows the owners of administrative and academic systems, as well as department administrators, to enforce strong authentication and secure connections.

   

Help - Free computer icons   Getting started

  1. Download Cisco Secure Client (for desktop) or the Cisco Secure Client app (for Android/iOS). Cisco Secure Client was previously known as “Cisco AnyConnect Secure Mobility Client”.
  • Installation instructions for Secure Client can be found below.
  1. Open Cisco Secure Client.
  2. From the dropdown menu, enter or select “general.vpn.utoronto.ca” and click Connect.
  3. An authentication window will open. Enter your UTORid and password, then cick OK.
  4. Your computer will notify you that it is now connected to UTORvpn.

For detailed connection walkthroughs, see the Enterprise Service Centre (ESC) Knowledge Base:

 

Installing the VPN client

You must have an administrator account to install Cisco Secure Client on desktop. If you are using a U of T-managed workstation, contact your local IT help desk to have them install the software for you.

Installing on Windows

  1. Navigate to your Downloads folder and run the Cisco Secure Client .msi
  2. Agree to the licence agreement and the installation will complete.

Installing on Mac

  1. Navigate to your Downloads folder
  2. Double-click on the Cisco Secure Client .pkg file to start the installer.
  3. Click Continue and accept the license agreement.
  4. Uncheck all modules except VPN. Click Continue.

 

Installing on Linux (Ubuntu)

  1. Navigate to your Downloads folder and extract the Cisco Secure Client gz file to a directory.
  2. Navigate to the VPN directory under the extracted directory. Right-click and choose Open In Terminal.
  3. Run the command: sudo bash vpn_install.sh. Enter your password when prompted.
  4. Agree to the license agreement and the installation will complete.

 

Endpoint Protection Service (SentinelOne)

Product overview - Free business icons   Overview and Key Features:

Only IT administrators or divisional leads may request this service on behalf of their units. Individual users should contact their local IT administrator for help with service requests.

Advanced endpoint protection provides next-generation anti-virus protection for university-owned user devices and servers. It gives units delegated access to manage their endpoints, including visibility on security alerts generated by the endpoint solution. This service enables quick detection of and response to attacks and device compromises.

This service is institutionally funded and comes at no cost to units for level 1 support.

 

Help - Free computer icons   Getting Started:

   

Question mark - Free communications icons   Get Help:

To request support, as a unit administrator:

To request support, as an end user:

Research Cyber Security Consultation

Product overview - Free business icons   Overview and Key Features:

Research cyber security consultations are virtual (or, if required, in person) meetings between RISP and researchers, research-supporting staff, project teams or students. During a consultation, RISP will answer your security questions/concerns and provide you with current guidance based on the University of Toronto’s policies, standards, procedures and guidelines, as well as general cyber security best practices.

 

Help - Free computer icons   Getting Started:

Open an Enterprise Service Centre ticket to contact the Research Information Security Program.

 

Question mark - Free communications icons   Get Help:

Cyber and Data Security

Geopolitical and collaboration risk

Resources

Privacy Impact Assessment

Product overview - Free business icons Overview and Key Features:

The Privacy Impact Assessment (PIA) service allows users of information technology to assess the impacts and risks related to the use of personal information for staff, faculty and students. PIAs are done as part of vendor and application reviews to identify privacy and compliance risks. However, it is recommended that any changes to data flows to existing processes also undergo PIAs to avoid non-compliance with FIPPA requirements.

 

Help - Free computer icons   Getting Started:

   

Question mark - Free communications iconsGet Help:

Privacy policy guidance

Freedom of Information and Protection of Privacy (FIPP) Office

Contact the Security team with questions at security@utoronto.ca

Password Management Service

,

""Overview and Key Features:

1Password is a cloud-based, cross-platform password management solution that allows users to organize and store all passwords in one secure place.

Password re-use (using the same password across multiple accounts) is a significant contributor to data breaches, as stolen credentials can be exploited to gain unauthorized access to other accounts. To address this vulnerability, the University of Toronto has acquired 5,000 1Password Business licenses for staff, faculty and librarians and six years of 1Password Families at no cost for students.

""Getting Started:

To set up your 1Password account, visit:

"" Get Help:

For more information and FAQs, visit the password manager page.

Directory and Authentication Services

""   Overview and Key Features:

Enterprise Active Directory (EAD) is a platform that provides authorization, roles and group services. It is a central database containing users’ information that is used for authentication and authorization. EAD is integrated into almost all major computing systems in the University and provides access to services such as Office 365.

There is no specific front-end usage of EAD. What it does remains transparent while it authenticates and authorizes you to access services – no action is needed from users. For additional information about EAD, see the Enterprise Service Centre Knowledge Base.

""   Getting Started:

There are over 65 separate instances of active directories within U of T. If you are managing one of these instances and would like to integrate with EAD, please submit a ticket through the Enterprise Service Centre to discuss your application.

""   Get Help:

EAD is managed and maintained by the Identity and Access Management (IAM) team. To contact IAM about EAD, please create a ticket through the Enterprise Service Centre.

There is a mailing list for EAD, which is used to send messages about the bi-monthly update meeting. To subscribe, send an email containing “SUBSCRIBE ENTERPRISEAD-L” in the message body to listserv@listserv.utoronto.ca.

Incident Response

Product overview - Free business icons   Overview and Key Features:

The incident response service monitors and responds to notifications of compromised U of T accounts, potentially compromised systems and phishing or other malicious emails to help protect the University’s community members, data and devices.

Depending on the scale of the information security incident, the Incident Response team can provide advice or full management of incidents from start to finish.

 

Help - Free computer icons   Getting Started:

Low severity incidents:

For low severity incidents, such as a compromised account or clicking a link in a phishing email, contact security.response@utoronto.ca.

Medium to critical severity incidents:

For information about medium to critical severity incidents, refer to the Incident Response Plan. If you are experiencing a medium to critical severity incident, complete the incident intake form.

 

Question mark - Free communications icons   Get Help:

Those involved in responding to information security incidents at the University should refer to the incident response tools and resources and the Incident Response Plan for guidance.

For incident response inquiries, contact security.response@utoronto.ca.

 

Information Risk Assessment

   ""   Overview and Key Features:

The information risk assessment is a systematic evaluation process designed to identify, analyze and manage potential risks associated with projects and vendors (applications, hardware, service providers or any other vendors where data collection, storage or transfer may be involved). Regular risk assessments allow organizations to stay ahead of potential vulnerabilities, ensuring that the mitigation, avoidance, acceptance or transfer of identified risks remains effective over time.

This assessment is a proactive measure to enhance information security practices and maintain a resilient and secure environment at U of T. It is a valuable tool for those involved in projects and vendor relationships, such as project teams, departments and vendors engaged with the University, and it promotes a culture of risk-aware decision-making and continuous improvement.

 

Help - Free computer icons   Getting Started:

  

""   Get Help:

Explore the handbook to get actionable steps and helpful information for your cyber security questions and requirements. This handbook is a trusted resource created by the Information Security team for the U of T community.

 

Group Management Service (UTORGrouper)

""   Overview and Key Features:

UTORGrouper is the controlling authority for groups at UofT. Grouper simplifies group management by allowing you to delegate group management or visibility. Grouper enables you to manage your unit’s access groups centrally and have them flow to other services.

 

Help - Free computer icons   Getting Started:

If you’re an application administrator and need help connecting to Grouper, email utorgrouper.admin@utoronto.ca to create an ESC ticket. You’ll get an autoreply with a link to the ticket.

Useful Guides: 

Grouper currently handles approximately 100 applications, with many more expected to be added over time. Your first point of contact for help is the application administrators or your help desk.

If you’re an application administrator and need help connecting to Grouper, email utorgrouper.admin@utoronto.ca to create an ESC ticket.

Institutional Identity and Login (UTORid)

""   Overview and Key Features:

The UTORid (along with a password) is a user identifier used to access many University of Toronto services. Some applications requiring the UTORid include:

   

Help - Free computer icons   Getting Started:

   

Question mark - Free communications icons   Get Help:

To troubleshoot issues with your JOINid or UTORid, see articles on the Help Desk Knowledge Base before contacting support.

Information Commons Help Desk