UAB IT's Information Security team offers tools and services to help safeguard the University's computing resources and data.

Services
Computer Security Incident Response
Responds to and manages computer security incidents, including but not limited to: risk containment; network investigations and computer forensics; preserving evidence; and managing remediation to ensure resumption of normal operations.

Firewall request
Reviews and approves firewall rule request to ensure consistency with UAB's security posture. 

Network security monitoring
An established process performed by the Enterprise Information Security team that maintains the confidentiality, integrity and availability of UAB's data and IT resources.

Risk Assessments
UAB data must be protected in transit and storage (rest). Risk assessments help you make informed decisions when selecting vendors, establishing business processes and implementing technical controls. Risk assessment services are available to all schools and units. Email Information Security for more details.

Security consulting
Provides subject matter expertise information and security, including engineering, management, assessment and compliance. Email Information Security for more details.

Security education and awareness
Provides security awareness and training, such as presentations and online learning, as well as education on security products that UAB provides.

Vulnerability assessment and penetration testing
In-depth evaluation of our information security posture. Vulnerability assessment is the process of identifying and quantifying security vulnerabilities in the environment. Penetration testing evaluates the effectiveness of information security controls and procedures.

Tools
DUO Security
Two-factor authentication, also known as 2FA or two-step verification, is an extra layer of security that requires no only a password and user name but also something that a user has on them, such as a token or smart phone.

Keeper
Keeper is a password management application. It stores your login credentials for different web sites so they are easily accessible to you, while still being stored securely when not needed. Instead of having to remember all of your login credentials, you only need to remember the one master password for your Keeper vault.

PhishMe
PhishMe is a phishing simulator designed to change risky behavior and enable employees to recognize and report malicious phishing emails. The PhishMe Reporter allows you to make one click to send the email scam to UAB's Information Security team to investigate.