Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn


Wednesday, February 21, 2018

  New Resources
Security Logging Service
Travel Tips for Data Security
Free Security/Privacy Training Resources
Two-step verification
Combating Malware
Phishing Archive
Cloud Computing and Data Outsourcing
Best Practices for Applications with Confidential University Data
  Security "Greatest Hits"
Managing Passwords
E-mail Harassment & Forgery
Hoaxes, frauds & scams
Wireless Networking
  Best Practices
Secure desktop computing
Secure servers
Secure data deletion
Securing printers
Tips for safe computing
Computing policies
  More in-depth information for
Local support providers
System administrators
  Security initiatives
Critical Component compliance
Authentication & authorization
Penn Security & Privacy Assessment (SPIA)
Security Liaisons (Restricted Access)
Secure Share
Secure Space
Vulnerability Scanner
  Related links
Electronic privacy
Worms, trojans, backdoors

Information Security and Network Monitoring

ISC's Office of Information Security is responsible for maintaining the security of Penn's digital assets.

Per University policy [1], the Office of Information Security is authorized to access University electronic information only under specific circumstances, including: to comply with legal orders; when investigating a violation of law or serious infraction of policy; to maintain the integrity of a University computing system; to assist in an emergency; or in the case of staff, as necessary to allow University business to proceed. Whenever possible the University's need for any information will be met simply by asking an individual for it.

In support of our mission, Information Security uses various technologies to ensure the integrity of Penn's networks, including devices that alert on anomalous or malicious activity (e.g., an Intrusion Detection System, or IDS) and network and system log files that can be queried to assist in an investigation. Examples of malicious and unauthorized activities can be found in the University's Acceptable Use policy [2]

These responsibilities notwithstanding, no Information Security functions should interfere with the University's commitment to the principles of open expression [3].

Questions or concerns about how the Office of Information Security operates these network technologies should be directed to the University Information Security Officer at

[1] Policy on Privacy in the Electronic Environment

[2] Policy on Acceptable Use of Electronic Resources

[3] Guidelines on Open Expression

Last updated: Thursday, November 29, 2012

Information Systems and Computing
University of Pennsylvania
Comments & Questions

Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania