University at Buffalo - The State University of New York
Skip to Content

SANS: Securing the Human

The Information Security Office manages training provided by SANS. Some of the preset content is either inconsistent with UB policies and procedures, or requires further explanation. Please review the following information prior to taking the SANS course.

Frequently Asked Questions

General Features

I can't skip ahead (or back) in the videos?

SANS states, "There have been many clients who asked us to disable the ability to skip ahead feature. Many were due to compliance and certification reasons, so it became a permanent feature."

Wi-Fi Security

Do I really need prior authorization to connect a wireless access point to the network?

UB doesn't require prior authorization before attaching a wireless access point to the network. However, we do expect that access points will be appropriately secured with strong encryption (not "WEP"). We don’t permit the use of our official SSIDs (UB Wireless, UB Guest, and UB’s Secure Wi-Fi) as this is often an indicator of someone trying to intercept traffic. Those SSIDs are reserved exclusively for the UB Wireless service.

The video recommends encryption. How do I know if I'm using an encrypted network?

We strongly recommend that you use UB’s Secure Wi-Fi, which is available through (UBITName/password required) and not UB Wireless or Guest. UB’s Secure Wi-Fi uses encryption and the other two do not.

Do I really need to turn Wi-Fi off when done using my computer?

No, you do not. Please disregard that statement.

Protecting Your Computer

Should I remove unused programs?

While it's always a good idea to remove old and unused (and likely unmaintained and unpatched) items from your system, you should always check with your IT support before making system changes.


Should directory information always be given out?

No. The student may opt to restrict their directory information. The best way to handle requests for directory information is to direct the requester to UB's Online Directory. If the student has restricted their information, it will not appear there. There is no other mechanism to determine whether or not a student has restricted their information.

Physical Security

Do I need to show ID before I leave a building?

Disregard this statement. There are several facilities that require authentication (card swipes) upon entry but none, as far as we know, that require that you authenticate before leaving.

Summary of Training

The video states that you should contact the UBIT Help Center with related questions.

Disregard that statement. Questions should be directed to the Information Security Office.

Contact the UBIT Help Center

Have a UBITName? You may also use the UBIT Help Center Online (login required).

(xxx) xxx-xxxx
Use your email, if known