/
DoIT Access to Information

DoIT Access to Information

General

To ensure UMBC systems remain safe and secure, the Division of Information Technology (DoIT) monitors system activity for anomalous behavior, and routinely scans systems for sensitive data and vulnerabilities. For more information about the type of information we collect and how we use it, see Cybersecurity Data section on https://privacy.umbc.edu.

The Division of Information Technology also provides support to various offices on campus when records are needed to support investigations or public information requests.

Email

DoIT monitors emails for indications of phishing and malware. Most of our email monitoring and alerting is performed by automated tools, but on occasion the Cybersecurity Assurance and Digital Trust staff may need to look at message subjects, headers or content to stop ongoing campaigns. Access to email body content requires staff to enter a justification, which is then logged and sent to the Chief Information Security Officer for awareness.

Cloud Storage

DoIT monitors cloud storage for malware and external sharing of sensitive information types like Social Security Numbers (SSN) and Credit Card information. This monitoring is performed by automated tools and our alerts only contain a subset of information about the triggering document. Upon receiving alerts, the Cybersecurity Assurance and Digital Trust team will contact the file owner to coordinate any necessary actions. If publicly shared documents contain sensitive information, our automated tools may adjust permissions upon alert. DoIT, in practice, does not access cloud storage file content.

End User Devices

DoIT manages the security posture of UMBC-issued devices via our administrative management tools. DoIT scans systems for vulnerabilities, applies patches, and collects metadata about the device and applications installed to assist in detecting and responding to cybersecurity threats. For devices used in sensitive departments, particularly those handling critical information and access, these tools are vital. They enable a rapid and thorough response to identified threats.

DoIT has the capability to remotely access/troubleshoot/wipe the device when necessary; under normal circumstances, remote troubleshooting will be initiated by the user from their device. Instances where these remote sessions occur are logged. In practice, DoIT staff will not access the content of user files on devices or on AFS for Linux endpoints without clear permission from the user or other authorized parties. These parties may include legal authorities, Human Resources, or university officials, particularly for legitimate business reasons (e.g., in cases of terminated employees). Automated installations, updates, and security tools managed by DoIT may modify system or application files as required for maintenance, security, or compliance, but do not involve viewing or altering the user’s personal data.

 

Request Help | Correct or Suggest an Article