Notice: Instructure Security Incident & Canvas Updates

Yale ITS is monitoring a reported cybersecurity incident affecting Instructure, the vendor behind Canvas. At this time, there is no known significant impact to Canvas services at Yale, and updates will be shared as more information becomes available.

Read More

Critical vulnerability in all versions of Linux.

Critical vulnerability in all versions of Linux. Please check with your vendor for updates and plan to apply patches as soon as possible. For more information, see: https://xint.io/blog/copy-fail-linux-distributions

Read More

YALE-MSS-11.1: Require security training for all users of Yale Data and Yale IT Systems

Standards Group:
YALE-MSS-11: Security Training

YALE-MSS-11.1: Require security training for all users of Yale Data and Yale IT Systems

Low Risk Endpoint Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Required Moderate Risk Network Printer Required High Risk Network Printer Required

Details

The purpose of security training and education is to enhance security by:

  • Improving awareness of the need to protect system resources
  • Developing skills and knowledge so users can perform their jobs more securely
  • Building in-depth knowledge, as needed, to design, implement, or operate security programs for organizations and systems

Ensure all users are informed, understand their roles and responsibilities, and complete assigned security training.

System owners are responsible to:

  • Communicate the system's classification level
  • Provide instructions for user responsibilities to protect Yale data
  • Ensure users have access to up-to-date reference materials, procedures, and support resources