YOU ARE TEAM BLUE
You have the knowledge to protect data in your care
from security attacks OR to let others know when
there is a problem. As part of the UofT “BlueTeam”
follow the basic tenets of CIA
Ensure private or confidential information is not being disclosed to
Ensure data & systems are free from unauthorized manipulation
Ensure systems work promptly for their intended use and service is not denied to authorized users
Securing the Code – OWASP Top Ten
The primary aim of the OWASP Top 10 is to educate developers, designers, architects, managers, and organizations about the consequences of the most important web application security weaknesses. The Top 10 provides basic techniques to protect against these high risk problem areas – and also provides guidance on where to go from here..
Responsible Data Disposal
The University’s Information Security Guidelines outline standards for responsible data deletion and disposal methods. It is recommended that all IT Professionals follow these guidelines for best practices.
What You Need to Know:
Vendor Obligation Management
When engaging a vendor for the procurement of an IT solution, it is critical to consider some key elements to ensure a secure integration. This is what we call Vendor Obligation Management. It describes what the vendor needs to do to properly integrate into the U of T infrastructure and the minimum standards that should be met.
Engaging a Vendor Checklist:
Information Security services
Access Information Security Services offered centrally by Information Technology Services.