Penn Computing

Penn Computing
Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn

 

Monday, November 9, 2009
 
  Security "Greatest Hits"
Managing Passwords
E-mail Harassment & Forgery
Hoaxes, frauds & scams
Spam
Phishing
Wireless Networking
Encryption & digital signatures
 
  Best Practices
Secure desktop computing
Secure servers
Secure web applications
Secure web development
Secure data deletion
Tips for safe computing
Computing policies
 
  More in-depth information for
Local support providers
System administrators
Application developers
 
  Security initiatives
Critical host compliance
Authentication & authorization
Penn Security & Privacy Assessment (SPIA)
Security Liaisons (Restricted Access)
Secure Share
NeXpose Vulnerability Scanner
 
  Related links
Electronic privacy
PennKey
Viruses
Worms, trojans, backdoors

About the Office of Information Security

The job of coordinating information security at Penn is handled by the Office of Information Security, a unit of Penn's Information Systems and Computing (ISC) division.

What we do

The Office of Information Security establishes, implements and maintains security programs to assist management in the protection of computing resources and associated information assets against accidental or unauthorized modification, destruction, or disclosure. Our responsibilities include:

  • Establishment of appropriate University-wide policies, standards and guidelines for data and physical security safeguards pertaining to information systems.
  • Recommendation and review of the implementation and maintenance of data security software that provides controlled access and use of sensitive application systems, database management systems, computer operating systems, communication networks, and computer hardware.
  • Providing consultation into technical and application development efforts involving computer data security and integrity issues.
  • Providing a forum for review, counsel, education and communication of computer security administration procedures.
  • Maintaining awareness of existing and proposed legislation and regulatory laws pertaining to information system security.
  • Participation in investigations of information security violations.
  • Educating the general community about the security risks of electronic information systems and provide targeted information informing them of steps they can take to minimize those risks.

How to reach us

Mailing Address:

3401 Walnut Street
Suite 230A
Philadelphia, PA 19104-6228 USA

Telephone: (215) 898-2172 (An Information Security representative can be reached through this number 24 hours a day, 7 days a week. Please read the page on reporting security concerns for more information.)

Fax: (215) 573-2037 (please call or e-mail in advance to alert to incoming fax)

Email: security@isc.upenn.edu

When contacting Information Security regarding sensitive and/or confidential issues, it is recommended that all email correspondence be PGP-signed and -encrypted whenever possible, using one of the Information Security public keys that can be found at the PGP Public Key Information page.

Information Security Personnel

Penn Information Security Officer

James Choate
(215) 898-4709
choate@isc.upenn.edu

Information Security Specialists

John T. Lupton
(215) 573-3811
lupton@isc.upenn.edu

David Taylor
(215) 898-1236
ltr@isc.upenn.edu

Melissa Muth
(215) 573-6798
muthm@isc.upenn.edu

Last updated: Tuesday, October 6, 2009
top

Information Systems and Computing
University of Pennsylvania
Comments & Questions
Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania