Archives

Travel and Expense Reimbursement (Concur)

""   Overview and Key Features:

Concur is the University’s travel and expense reimbursement tool. After gathering feedback from the U of T community and undertaking a rigorous Request for Proposal (RFP) process, Concur was chosen to make it easier and faster to submit and process expense claims.

Key Features:

  • Concur is used for travel and expense reimbursements and T&H card reconciliation.
  • Concur is available for all for appointed/non-appointed employees at U of T.
  • Concur is fully digital and has an optional mobile app in addition to a desktop application.

""   Getting Started:

""   Get Help:

Event Registration and Management System (EVE)

""   Overview and Key Features:

EVE (Event Registration and Management System) is a one-stop platform for managing events, workshops, conferences, and meetings hosted at the University of Toronto. It supports in-person, online, and hybrid event types and provides end-to-end management from registration setup to post-event surveys.

Key Features:

  • Create and manage event registration pages for U of T audiences or the general public.
  • Customize registration forms, confirmation messages, and attendee communications.
  • Track registrations, attendance, and event metrics through built-in reporting tools.
  • Publish events on your divisional or departmental subdomain.
  • Supports both single departmental (Op Unit) and divisional configurations, depending on your needs.

Operated by the Web Services team (EASI Division), EVE is available for administrative use across the university.

""   Getting Started:

Visit https://help.eve.utoronto.ca for setup instructions, FAQs, and training materials.

Departments and divisions interested in trying EVE can request access to a free trial instance before full deployment.

""   Get Help:

For assistance or to request access, contact the Web Services team at webservices@utoronto.ca.

URL Shortening Service (UofT.me)

""  Overview and Key Features:

UofT.me is a U of T branded URL shortening service that lets you create short, memorable links for official university web pages. Instead of sharing long or complex URLs, users can generate a concise UofT.me link that’s easy to type, remember, and share.

Key Features:

  • Create short, professional U of T–branded links instantly (No sign-in required).
  • Works across select U of T domains to ensure authenticity and consistency.
  • Ideal for email campaigns, social media, and printed materials.
  • Maintains university identity while improving usability and link readability.
  • Managed and supported by the Web Services team (EASI Division) for administrative use.

""  Getting Started:

  1. Visit https://uoft.me.
  2. Enter the long U of T URL you’d like to shorten.
  3. Choose a custom keyword (optional) to personalize your shortlink.
  4. Click Shorten URL to instantly generate your UofT.me link.

You can now share the shortened link in emails, websites, or marketing materials.

Question mark - Free communications icons   Get Help:

For assistance or feedback, please contact the Web Services team at webservices@utoronto.ca.

Weblogin

"" Overview and Key Features:

Weblogin is the web single sign-on service, which is used by hundreds of University service providers to provide authentication via UTORid/password. It also provides ‘coarse-grained’ authorization attributes such as affiliation and email address, which can be used by services to create and maintain local accounts and restrict access. Weblogin uses Shibboleth as the underlying technology.

  • Federated access

The University’s Weblogin service is integrated with the Canadian Access Federation, a Canada-wide service that provides access to Canadian and worldwide services, including:

  • Weblogin access integration with other Canadian higher-ed services.
  • University of Toronto services access via other Canadian institution access systems.
  • Integration with eduGAIN, a service that extends the Canadian higher-ed federated capability to educational institutions in the United States and across the world.

""  Getting Started:

Access the Weblogin service

  • Users:

For information on using federated login services, visit the CANARIE website or contact Information Security.

  • Technical staff:

To implement Weblogin, refer to “Installing and configuring Shibboleth”, and “SAML attributes available from Weblogin”.

""   Get Help:

For Weblogin issues, contact your local help desk.

Vulnerability Management Service (VMS)

"" Overview and Key Features:

Vulnerability management is the process of identifying, evaluating, treating and reporting on security vulnerabilities in systems and the software that runs on them. This, implemented alongside other security tactics, is vital for organizations to prioritize potential risks and minimize their attack surface.

Security vulnerabilities refer to technological weaknesses that allow malicious actors to compromise a product and the information it holds. This process needs to be performed continuously to keep up with new systems being added to networks, changes that are made to systems and the discovery of new vulnerabilities over time.

""  Getting Started:

The cost for the VMS is being incurred by Information Security and will be provided as a complimentary service to all tri-campus units. The vulnerability scan results are restricted to a need-to-know basis.

If you are authorized, the vulnerability scan results associated with your unit can be accessed through the Vulnerability Reporting Portal by logging in with your UTORid.

If you are a network or server administrator and do not have access to the vulnerability scan results for systems you manage, contact us at security.admin@utoronto.ca.

""   Get Help:

For information about use of Tenable at the University of Toronto, refer to the Tenable.IO University Training Guide. Additionally, you can find free Tenable tutorials on the Tenable website.

TLS Certificates

"" Overview and Key Features:

Transport Layer Security (TLS) certificates, formerly known as Secure Sockets Layer (SSL) certificates, are digital certificates that keep your internet connection safe by encrypting the data between your web browser, the website and its server.

The TLS service provides a cost advantage over purchasing it direct from a commercial certificate authority. Other benefits include:

  • The site validation process for the utoronto.ca or toronto.edu domains is completed.
  • There is no cost charged back to the individual department or division for most certificate products.
  • Notification of imminent certificate expiry is provided at least two weeks before the expiry date.
  • Information Security adds a departmental contact vetting process to ensure authorization to use server certificates.
  • Automatic certificate renewal (ACME) is available for this service.

""  Getting Started:

Information Security, part of ITS, facilitates the purchase of Sectigo TLS certificate products for University server administrators. To order certificates, you use the Sectigo Certificate Manager.

To order a new TLS certificate, refer to the ordering a TLS certificate article in ESC.

To set up automatic renewal for an existing TLS certificate, refer to the using ACME automatic renewal article in ESC.

""   Get Help:

For support, submit a request via the Enterprise Service Centre (ESC).

Tabletops as a Service (ImmersiveLabs)

"" Overview and Key Features:

We provide a tool for incident response training to help you prepare your staff for various information-security incidents. The Immersive Labs Crisis Sim platform is designed to enhance your team’s strategic decision-making skills in different types of security incidents.

""  Getting Started:

Facilitators should request access in ESC.

Participants don’t need to register. You’ll receive a link when you’re invited to an exercise.

Usage Guide.

""   Get Help:

Vendor support: Immersive Labs help center (logged-in users only)

Internal support: Email security@utoronto.ca to create an ESC ticket.

Security Awareness and Training (SAT)

"" Overview and Key Features:

Security Awareness and Training (SAT) service is designed to equip staff, librarians and faculty with the knowledge, practices and technologies needed to protect themselves and the University from cyber threats.

This service is institutionally funded and comes at no cost to units.

  • Essential security and privacy modules: Engaging, short and interactive training modules to provide baseline knowledge in security and privacy
  • Monthly Phishing Simulations: Realistic phishing exercises to test users’ ability to identify and report malicious emails
  • Delegated access to units: Units get delegated access to the SAT platform and can onboard their users at their own pace

""  Getting Started:

This service is offered to all staff, librarians and faculty through their unit administrators. Any unit can join the service by submitting a SAT service unit onboarding request.

Once onboarded into the Security Awareness and Training (SAT) service, users receive initial onboarding training, followed by quarterly refresher modules. For more information, refer to the SAT user onboarding workflow article.

For details on the delineation of responsibilities between the unit and the institutional service team, please refer to the SAT service roles and responsibilities (RACI) chart document.

""   Get Help:

To request support, as an end user: Please contact your local administrator.

To request support, as a unit administrator: Please submit a SAT service support request.

For any other questions or feedback: security.training@utoronto.ca

Risk Guidance and General Inquiries

"" Overview and Key Features:

The Information Risk team is available to provide guidance and answer general inquiries about information security risk management. This service can help to enable units and divisions to manage their exposure to risks and make risk-informed decisions.

""  Getting Started:

To access this service, please submit a ESC ticket.

""   Get Help:

All questions about risk are welcome. If you have a question or you’re unsure whether something is an information security risk, please reach out to Kanupriya Kejriwal, Manager, Risk Management at kanupriya.kejriwal@utoronto.ca.

Research Cyber Security Training

"" Overview and Key Features:

Research cyber security training aims to:

  • Equip research teams with cyber security best practices
  • Offer discipline- and solution-specific training
  • Address cyber security questions related to research, roles and solutions
  • Fulfill training requirements for specific applications and agreements

Through researcher-focused cyber security training, teams will gain a general understanding of how to better secure their research projects. Training is delivered synchronously, either virtually or in person.

""  Getting Started:

Connect with the Research Information Security Program team via Enterprise Service Centre (ESC) to safeguard research knowledge, intellectual property and data.

""   Get Help:

Contact the Research Information Security Program team: research.infosec@utoronto.ca.