1. Cybersecurity 

The University faces a vast and ever-changing landscape of threats to, and compliance requirements for, institutional and personal privacy data. Pitt IT continually works to evolve and harden our defenses against these threats in a way that allows for collaborative, groundbreaking research and teaching without compromising safety and security of the Pitt community. Several projects to enhance Pitt’s cybersecurity posture and mitigate risk have been completed this year, while others are underway or in the planning stage.

Enhanced Email Security 

Email spoofing enables phishing scammers to forge the “from” address of an email message so that it appears to come from someone the recipient knows. Pitt IT is implementing an advanced email validation system to combat this threat, ensuring trusted email communication among the University community and its partners. 

Increased Device Security

More than 12,000 University-owned devices are managed remotely by departments through Pitt IT’s Enterprise Device Management (EDM). The service was updated to boost security by ensuring operating systems receive regular updates. In addition, Pitt IT now installs GlobalProtect ― an important tool to verify the identity of individuals accessing Pitt resources ― on all standardized devices provided via the Computing Equipment Purchasing and Standardization Program.

Security Assessments

Staying ahead of evolving threats requires continual improvement. Pitt IT has undertaken two security reviews to assess our strengths and areas of opportunity. An external assessment is being conducted using a trusted industry leader in third-party risk assessment. In addition, an internal assessment using the NIST Cybersecurity Framework — the most popular cyber maturity assessment tool in the U.S. — is in progress with Schneider Downs under the direction of Internal Audit.

Security Training For New Employees

The University is safer when faculty and staff understand the landscape of security risks and know how to protect against them. To that end, Pitt IT worked with the Office of Human Resources to add baseline security training to the onboarding process for all new employees.