. .

What's New?

Phishing Scam (asking to send your Password). DO NOT REPLY! E-mails have been circulating from sources claiming to be from OIT. These are phishing scams. OIT would NEVER ask for your password. More information at OIT Systems Status page.

Find the Office of the CIO on Facebook

Hot Topics

Incident Response

BuckeyeSecure

Archive - BuckeyeSecure Archived News main index page
ArchiveAut07 - BuckeyeSecure News from Autumn 2007
ArchiveSpr07 - BuckeyeSecure News from Spring 2007
ArchiveSum07 - BuckeyeSecure News from Summer 2007
ArchiveWint07 - Archived news from Winter 2007
ContactUs - Main index for submitting questions via the web site. This page directs you to the appropriate email form.
ContactWebmaster - Use this email form to contact the BuckeyeSecure Webmasters.
Index - BuckeyeSecure homepage
Services - List of OIT service offerings
SiteMap - Index of pages on the BuckeyeSecure web site

InformationSecurity

2006 - 2006 SECWOG meeting history
2007 - 2007 SECWOG meeting history
ApprovedCCE - A list, organized by UCSS standard, of the devices that have been granted an approved compensating control or exception.
Archive - Archive of Information Security events, past meetings, and presentations.
Bios - Bios of the Information Security team (and distinguished others) who have spoken at Information Security events.
BlanketCCE - The current blanket compensating controls and exception categories for a number of general classes of devices.
BootCamp - Outline of the Security Boot Camp sessions.
CCFAQ - Frequently Asked Questions on the University Computer Security Standard Compensating Control Request process.
Contact - Contact information for the Office of the CIO Information Security group.
Controls - The compensating controls submission form as well as the list of approved general compensating controls and exceptions under the University Computer Security Standards.
CriticalReg - The web form for entry of critical servers according to the requirement set forth in the CSSS.
CSDay - Overview of Cybersecurity Day 2007.
Directions - Directions to Baker Systems Engineering.
Events - Information on monthly SECWOG meetings and all other Information Security events.
ExceptFAQ - Frequently Asked Questions on the University Security Computer Security Standards Exception request process.
Exceptreq - Form for submitting a request for an exception.
FAQ - Index of all the most commonly asked Information Security questions.
FAQBlocking - Frequently Asked Questions on blocking and unblocking devices.
FAQFirewall - Frequently Asked Questions on firewalls.
FAQGeneral - Frequently Asked Questions on general information security topics.
FAQIncident - Frequently Asked Questions on Incident Response.
FAQMail - Frequently Asked Questions on e-mail and news messages.
FAQScanning - Frequently Asked Questions on Scanning.
FAQSystem - Frequently Asked Questions on System Configuration.
Glossary - Glossary of common information security terms.
GroupHeader -
Index - Main page for the Office of the CIO Information Security group section of the website.
Links - Links to Information Security resources.
Media - Podcasts, vidcasts and pdf or slides of Information Security talk materials - as well as educational materials to help train your faculty, staff and students about cybersecurity related topics.
PGPFAQ - Frequently Asked Questions on PGP Whole Disk Encryption.
Podcast - Information about podcasting and listening to podcasts.
Recent - Information on a security incident and recommendations for prevention.
Services - Description of the services the Information Security team provides.
SQLInjection - Information about SQL injection attacks.

Policy

CSSS - OSU Critical Server Security Standard
DataBestPractices - Best practices for protecting data includes electronic files, computers, network, portable storage, paper, and phone or fax.
DataClassification - Defines institutional data and an overview of the data classifications as described in the Institutional Data Policy.
DataFAQ - Frequently Asked Questions on data classification and access control.
DSSS - OSU Database Server Security Standard
Federal - Federal policies regarding the protection of personal information and institutional data.
GLBFAQ - Frequently Asked Questions on the Gramm-Leach-Bliley Act training course.
GLBTraining - Overview of the GLB training and instructions for accessing it.
IdentifierFAQ - Frequently Asked Questions on the use of alternative identifiers and the OSU ID number.
IDFAQ - Frequently Asked Questions on the university's Institutional Data Policy.
ImplementationPlan - Information for units participating in the information security reporting process. Includes directions for accessing web form.
ImplementationPlanFAQ - Frequently Asked Questions on the Information Security plans and reporting process.
Index - The main page for the Policy section of the website.
InstitutionalDataTraining - About the Institutional Data Policy Training, including instructions for accessing the training.
ITSecurityFramework - Overview of OSU's IT Security Framework.
ITSecurityFrameworkTraining - Information about the IT Security Framework training and instructions for accessing the ISO documents.
MCSS - OSU Minimum Computer Security Standard
MCSSFAQ - Frequently Asked Questions on the Minimum Computer Security Standard.
Ohio - Ohio policies regarding the protection of personal information.
PublicRecords - General public records issues and questions.
RestrictedDataElements - Overview of restricted data, including a list of current data elements classified as restricted.
RestrictedFAQ - Frequently Asked Questions on restricted data.
SSNFAQ - Frequently Asked Questions on SSN usage and protection.
TrainingFAQ - Frequently Asked Questions on the Institutional Data Policy Training.
TrainingReports - Instructions for accessing the Institutional Data Policy Training Reports.
UCSS - Overview of the University Computer Security Standards and links to FAQ, Compensating Control and Exception Request, and questions form.
UCSSFAQ - Frequently Asked Questions on any of the security standards.
WSSS - OSU Web Service Security Standard
WSSSFAQ - Frequently Asked Questions on the Web Service Security Standard.

Projects

BuckeyePass - Overview of the BuckeyePass Token.
BuckeyePassFAQ - Frequently Asked Questions on BuckeyePass Tokens.
BuckeyePassGlossary - Common terms used in the BuckeyePass Token process.
BuckeyePassODS - Information for those required to use BuckeyePass Tokens to access the ODS.
BuckeyePassUser - Information for BuckeyePass Token users.
IDMAbout - Overview of the Identity Management Project.
IDMTimeline - Timeline for the Identity Management Project.
Index - Main page for the Projects section of the website.
NACAbout - Overview of the NAC project.
PGP - Information about the PGP Whole Disk Encryption product including user and administrator guides.
SSNAbout - Overview of the SSN Protection Project and its subprojects.
SSNReports - Overview of the three categories of printed reports generated from the student systems that were remediated.
SSNReportSamples - Examples of the reports that were changed due to the SSN Protection project.

SafeComputing

Addiction -
Backups - Specific tips for backing up your computer's data.
Copyright - Information on intellectual property, virtual copyright law, and limited use.
Delete - How to remove SSN from Microsoft Excel documents.
Encrypt - Overview of encryption and the possible encryption technologies you can use.
EncryptMacOSX - Instructions for encrypting MacOSX.
EncryptPC - Instructions for encrypting a file or folder on Windows.
FindSSN - Possible tools to help locate SSN or credit card numbers on computers.
Firewalls - Overview of what firewalls are, the different types of firewalls, why they are important, and how to configure a firewall.
GoodSecurityHabits - Habits everyone should develop for Safe Computing.
Handouts - Brochures, handouts, posters, and guides available for download.
Harassment - What constitutes Online Harassment and what to do if you receive threatening messages.
Help - Available IT Help resources.
Hoax - About the different types of online hoaxes that exist.
IDTFact - Identity Theft Fact Sheets from the California Department of Consumer Affairs Office of Privacy Protection.
IDTheft - Information on identity theft, what to do to avoid it, and actions to take if you are a victim.
IDTVictim - Resources for victims or suspected victims of identity theft.
Index - Main SafeComputing page provides overview of this section of the website.
MCSS - Devices must meet the MCSS befor connecting to the network.
OnlineShopping - Best practices for Online Shopping and Auctions.
OSUFindSSN - Instructions for installing and using Virgina Tech's FindSSN tool.
Passwords - Tips for creating strong passwords and keeping them safe.
Phishing - Overview of phishing; what it is, how to protect yourself, and what to do if you are a victim of phishing.
Piracy -
Privacy - Best practices for keeping your personal information private.
ProtectMyComputer - Top ways to protect your computer's software and hardware.
ProtectMyself - Common IT threats to an individual and what you can do to protect yourself.
RemoveSSN - General steps for identifying where SSN are located and what you can do to protect them.
SocialNetworking - Best practices for social networking and blogging.
Spam - General spam information including how to turn on your spam filter and report spam.
Spider - Instructions for installing and using Cornell University's Spider to find SSN.
Spyware - Information pertaining to spyware, includes signs your computer is infected, what to do, and where to get anti-spyware.
Virus - Overview of viruses; tips on how to protect your computer from virus infections.
WhatIsAnIncident - How to know whether data has been exposed and what to do if you suspect a breach.
Wireless - Information on wireless includes how it works, types available, precautions, and OSU wireless.