Information Security is a team sport

We cannot protect all of UAB without your help. You play a key role in protecting information. Be knowledgeable. Be aware. Be proactive. Help us enable UAB to be world class.

The vision of UAB IT’s information security office is to “Secure to Empower.” Information Security is responsible for mitigating risk for the University through the development and maintenance of UAB’s Information Security strategy, which includes IT policies and best practices, security training and awareness programs, security monitoring and operations, secure architecture and vulnerability management. Our goal is to balance confidentiality (keeping private matters private), integrity (assuring that your information is complete and accurate) and availability (having timely and reliable access to your information).


2-Factor Authentication is required for all UAB students, faculty and employees.

Security Awareness

Be knowledgeable about common threats, like phishing, and how to protect yourself and UAB.

Tools & Services

Tools and services we deploy to help safeguard the University’s computing resources and data.

Data Classification

A classification system that makes it easier for faculty, staff and researchers to determine how to best secure the information.

Policies & Guidance

Policies help keep everyone safe from malware, data thieves, and identity theft.


UAB stays compliant with federal laws that stipulate how data related to HIPAA, FISMA, PCI, GLBA, and FERPA must be protected.

Latest from Security

  • UAB IT Investigates new wave of phishing emails

    UAB IT is investigating a new rash of phishing emails sent to campus mailboxes, many of them urging action on expired passwords or purporting to be notifications of passwords or authentication. The emails may include a malicious link to take[…]

  • Report a phish quickly with Outlook button

    When you report a phishing email to UAB IT, you spark a process that can help protect everyone on campus. On March 24, UAB IT will release a new phishing button, that works similarly to previous report phishing buttons. The[…]

  • Take steps to protect your data and keep it private

    Data Privacy Week — Jan. 23-30 — is an opportunity to spread awareness about online privacy and the ways you can keep your information safe.   Did you know that your data is being collected every day? It happens through your[…]

  • Email at work: Don’t get compromised

    Email is one of the most used forms of communications in business — making it an easy target for scammers. Business email compromise is a type of phishing attack that targets organizations attempting to steal money or important information. The[…]