Information Security Office (ISO)

The ISO collaborates with the campus community to protect Carnegie Mellon from and to respond to threats to our electronic information resources and computing and networking infrastructure.

The ISO Services:

Security Awareness Training and Presentations
Information Security Consulting
Security Assessments including Attack & Penetration Testing
Incident Response
Assistance Obtaining SSL Web Certificates

Security News & Alerts:

SANS Webcast: Security for Windows 7
(Posted November 18, 2009)

The ISO is sponsoring a SANS Webcast on November 24, 2009, entitled "Security for Windows 7" at the end of the Departmental Computing Forum (DCF) monthly meeting. The Webcast conducted by Jason Fossen, the sole author of the SANS institute's week-long Securing Windows Course (SEC505), will be held at the UC Connan room.

For information on the Webcast, see SANS Webcast: Security for Windows 7.

Security Alert - Critical Micosoft October Security Update For Windows Users
(Posted October 19, 2009)

Windows computers running Microsoft Windows may be vulnerable to exploits. This vulnerability may allow an unauthorized attacker to take complete control of an affected system that is connected to a network without any end user action.PLEASE UPDATE AND REBOOT ASAP.

For What You Need To Do, see Security Alert - Critical Microsoft October Security Update For Windows Users.

Security Alert - Adobe Reader and Acrobat Security Update
(Posted October 19, 2009)

Windows, Mac and Linux users running Adobe Reader and Acrobat 9.1.3 and older are vulnerable to exploits. Without security update, an unauthorized attacker may take complete control of an affected system by convincing the user to open a maliciously crafted PDF file.

For What You Need To Do, see Security Alert - Adobe Reader and Acrobat Security Update.

National Cyber Security Month
(Posted October 2, 2009)

The Information Security Office (ISO) celebrates the National Cyber Security Month (NCSM) during the month of October, by raising the campus community awareness on how to safeguard their computing assets and online information against threats. Please visit the Cyber Security Month for information on events, classes and online showcase throughout the month of October.

Welcome Back Students
(Posted August 26, 2009)

Dear Students,

Welcome to the 2009 - 2010 academic year! The Information Security Office (ISO) reminds you of few safety tips, which will keep you safe online, and protect your data and computers at Welcome Back Students.

Welcome Back Faculty and Staff
(Posted August 26, 2009)

Dear Faculty and Staff Members,

Welcome to the 2009 - 2010 academic year! The Information Security Office (ISO) reminds you of few safey tips that can help you protect your data and computers and, keep you safe online at Welcome Back Faculty and Staff.

Events:

The ISO offers training on various security and regulatory topics. Please visit the ISO Training Events to view the classes and presentations schedule, during each academic semester.

Helpful Links

Related Groups

News Highlights

The ISO Director Mary Ann Blair, talks about Cyber Security Awareness Month
The ISO Policy & Compliance Coordinator Doug Markiewicz, presents on Data Portection Guidelines at PSC on Nov.8th,2009
The ISO plans to host the SANS course (SEC505) Securing Windows in May of 2010