IRT Information Security Services

IRT Security is here to help you. In addition to keeping the School of Medicine networks secure and operational, we also provide you the tools to ensure your own computer security, and support you in case of a security incident.

By educating yourself now about strong computer security practices, you're taking the first step in preventing computer problems. Below, find the resources explaining the need for strong computer security, and the tools you can use to protect yourself and your information.

News:

"WebLogin Updates" Phishing Scam: Using a Stanford-like graphic, scammers are trawling for your weblogin information. If you received this email, ignore it; it's a fake! Click here for details.

About WindowsXP SecureNet: Users of WindowsXP computers who can't easily upgrade their systems by April 8th may be able to take advantage of the WindowsXP Secure Network. Click here for details.

University Security Mandate: Stanford has issued a University-wide security mandate, with updated computer security requirements, including encryption. Next Deadline: May 31st, 2015 - Encryption of all laptops and desktops at the School of Medicine. Click here for details.

Important Security Patches: Some very serious bugs were recently uncovered, in a Linux library and in the iOS software. Users are strongly encouraged to update their software. Click here for Linux details. Click here for iOS details.

I Need Help!

Lost or Stolen Device — Any employee who has lost, or had stolen, a device used for Stanford business is responsible for following all school procedures. This includes reporting the situation immediately to the Stanford University Privacy Office. Click here for the Data Security Program's instructions for reporting a missing device.

Report an Incident — the steps of reporting security incidents, as outlined in the Administrative Guide.

I think I've Been Hacked — what to do if your computer or server may be compromised.

What is a DMCA Notice? — the correct procedures to follow if you receive one.

Email Information Security — a web form to email IRT Information Security Services directly.

Contact Information Security — our Information Security team members, with email addresses and other contact information.

Tools and Info

Encryption — instructions for protecting the sensitive information that may be stored on your computer.

Bastion Access — how to log into Bastion with two-factor authentication.

MedSecureSend — on using Stanford Medicine's secure file transfer service.

How To Secure Your Information — a starting place for protecting the information on your computer: how to encrypt your computer, back up your information securely, and send secure files and email.

Cloud Computing — on cloud-based services and which ones are IRT-approved.

Research and Security — help with creating a data security plan for your grant proposal.

Information Privacy and Security Policies — Stanford-specific policies regarding computer usage, SUMCnet and HIPAA.

Good Practices — a common-sense cheatsheet for everyday ways to protect your information.

OUR MISSION STATEMENT:

Proactively protect SoM information

Monitor and proactively protect the SoM networks

Provide a variety of information security options to protect resources on the School's networks from disruptions, modifications, and disclosure

Develop and publish requirements for the secure configuration of computer systems on the School's network

Provide information security education and awareness programs to faculty, staff, and students

Data Security Program

The Data Security Program helps you comply with Stanford policy and federal law. Visit for help with encryption, secure storage, and automatic backups.

If you have any questions, ask. You can also send us an email at irt-security@lists, or call us at 725-8000 (option 4). Even if your question isn't about computer security, we'll be happy to help you find the answer.