As part of our ETS 2025–2026 Plan, Enterprise Technology Services is working to implement additional security measures to continue on our path of improvement for our community. (Pillar Four: “Development of an IT security plan that addresses immediate needs, manages risk and response, presents solutions for ongoing audit response and compliance.”) In parallel, ETS is developing a broader IT Security Plan to ensure a university-wide commitment to cybersecurity. This plan will align with industry standards and focus on security education, policy updates, new technology solutions, and strengthened security operations. More details are coming soon, but we wanted to set the stage for several efforts on the horizon.

Security Awareness Training
We will be making available short training modules for new and current faculty/staff, with tailored options for specific groups. We also plan to more closely partner across the university to ensure enhanced security education and training for our students as well. This supports our goal of fostering a safer, more informed community.

Email Auto-Forwarding Audit
To address a long-standing audit finding, ETS has developed a process to audit auto-forwarding of UVM emails to non-UVM platforms—a practice that poses data risks. Policy updates are underway to clarify this guidance and an exemption process is being developed.

New Endpoint Threat Detection Technology
To augment UVM’s current anti-malware solution, we will be implementing a new preventative technology that helps detect and respond to threats on endpoints such as laptops, desktops, and servers. Deployment will begin with high-risk areas—such as sensitive research environments—and gradually expand to all UVM-managed computers.

These efforts reflect our strategic pillars focused on security planning, policy review, and community education. Please stay tuned for more information in the coming weeks and thank you for your partnership in keeping our community members and university safe.