Information security plays a vital role in protecting the confidentiality, integrity, and availability of information at the University of North Carolina at Chapel Hill. To do that, we need you to be responsible users of the University’s network and computing resources. This website will provide you with guidance on important issues as you study, research, teach, and work at the University.
Latest News & Tips
Guidance on File Uploads
Only use WordPress Gravity Forms for Non-sensitive Information (Tier 0 or 1)! The Gravity Forms plugin included with ITS Self-service and Enterprise WordPress offerings does not limit access to file uploads; these files are stored in a world readable directory … Continued
Website Hosting Guidance
There are a lot of options for creating and deploying websites. Here is some guidance to help highlight some of the options provided by UNC and to ensure University data is protected when deploying websites for university business. We also … Continued
Fake Voicemail to Email Phishing Lure
The Information Security Office (ISO) is seeing a rise in spear phishing attacks utilizing some or all of the following characteristics: A Subject title such as “Hi <username>, you have 1 VN on <date>. Refer below to listen” accompanied by … Continued
LastPass security breach: what you need to know and do
LastPass, the password manager tool offered to the University, recently reported a security breach. Your must-read quick summary If you access LastPass by logging in with your Onyen or Kenan-Flagler login, no action is required. If you access LastPass with … Continued