The VPN service allows secure remote access to internal URI systems and resources. It is recommended for users working off-campus who need to access services not available over the open internet. Common uses include accessing eCampus while traveling or connecting to restricted internal resources from another location.

Executive Lead

Michael Khalfayan

Technical Lead

Michael Khalfayan
mkhalfayan@uri.edu

Support Team

ITS Information Security Office
security@uri.edu

About the Service:

Features

  • Secure Off-Campus Access: Connect to internal University systems while working remotely or traveling.
  • Data Protection: VPN encrypts your connection to safeguard sensitive data and maintain privacy.
  • Two-Factor Authentication (DUO): VPN requires Cisco DUO for secure login. The mobile app adds a second layer of identity verification.

When to Use VPN:

  • Access secure URI services not available over public networks.
  • Connect safely to URI systems while abroad. (See Travel Guidelines)

Access

Instructions on how to install the VPN client are provided in KB0010261.

Student Access
Students may request VPN access through the Student VPN Access Request Form (SSO Required).

Support and Training

Knowledge Base Articles

For further assistance, contact the ITS Service Desk.

 

The Vendor Security Assessment process ensures that third-party service providers handling URI data meet appropriate security standards. ITS Security conducts these reviews as part of the IT Contract Review process to protect University systems and comply with data protection regulations. This is required for any department contracting with vendors who may store, process, or access sensitive or restricted data.

Executive Lead

Michael Khalfayan

Technical Lead

Michael Khalfayan
mkhalfayan@uri.edu

Support Team

ITS Information Security Office

About the Service:

Features

  • Risk Review: Evaluates the vendor’s cybersecurity controls and classifies them as low, medium, or high risk.
  • Compliance Support: Helps ensure URI meets obligations under GLBA, HIPAA, GDPR, PCI DSS, and other regulations.
  • ERM Integration: Results are shared with Enterprise Risk Management to determine insurance needs.
  • Third-Party Risk Visibility: Proactively identifies risks associated with data handled outside the University.

Access

Who Can Use: All URI faculty, staff, and administrative units entering into agreements with third-party vendors that involve University data.

How to Access:

REQUEST IT SECURITY ASSESSMENT

Support and Training

ITS Service Desk: For questions or help submitting your request.

Additional Info: Visit the ITS Security Services page for security policies and guidance.

 

Qualys is an enterprise-grade vulnerability and web application scanning tool used to detect, assess, and manage security risks across systems and networks. At URI, Qualys plays a key role in our proactive security strategy by routinely scanning administrative networks to identify vulnerabilities before they can be exploited. These scans are conducted from within the URI infrastructure, allowing ITS to monitor, report, and respond to threats efficiently. The platform also includes a Web Application Scanner (WAS), which detects risks such as SQL injection, cross-site scripting (XSS), and other issues identified in the OWASP Top 10.

Executive Lead

Michael Khalfayan

Technical Lead

Andrew Maddock

Support Team

ITS Information Security Office
security@uri.edu

Scans performed with Qualys include:

  • Network vulnerability scanning
  • Web application scanning using OWASP Top 10 standards
  • Detection of threats including SQL injection, XSS, cross-site request forgery (CSRF), and URL redirection

The Qualys WAS helps URI maintain compliance and strengthen security by identifying issues before they impact critical systems and services.

For consultation or more information, contact the ITS Service Desk.

phish alarm logo

ProofPoint PhishAlarm for Gmail is a powerful tool designed to enhance your email security by enabling you to report suspicious emails directly from the Gmail desktop browser interface or Gmail mobile app. This tool is specifically designed to help protect you from phishing attacks, which are deceptive attempts to steal your personal information such as passwords, credit card numbers, or sensitive data.

Executive Lead

Michael Khalfayan

Technical Lead

Caleb Seekell

Support Team

ITS Information Security Office
security@uri.edu

About the Service:

Features

Key Benefits of Using PhishAlarm 

  • Enhanced Security Awareness: By actively reporting suspicious emails, you become more aware of phishing tactics and can better protect yourself and the university community. 
  • Community Protection: Your actions help protect not only yourself but also your colleagues and the University community by preventing the spread of phishing attacks.
  • User-Friendly Interface: PhishAlarm integrates seamlessly into the Gmail interface, making it easy to use. There is no longer any need to forward emails to IT staff. Instead,  you can report phishing with one click!

Access

Access is integrated into the Gmail desktop browser interface or Gmail mobile app.

Using PhishAlarm is simple: 

  • Look for the PhishAlarm Button: In desktop browsers, the PhishAlarm button is located on the toolbar on the right side of the Gmail web interface. In the Gmail mobile app, the PhishAlarm button is at the bottom of the message. If you receive an email that seems suspicious, click/tap this button!
  • Follow the Prompts: You may be asked to confirm that the email is suspicious. Once confirmed, the email is sent securely to the University’s IT security team.
  • That’s It!: You’ve taken an active step towards protecting yourself and the University from phishing threats.

Support and Training

Submit a ticket or attend a drop-in to report bugs or errors. For urgent security concerns, please get in touch with the ITS Information Security Office at security@uri.edu

ITS is pleased to offer URI faculty and staff access to the Proofpoint Security Awareness Training program. This opportunity provides various informative lessons ranging from topic-specific to general-purpose to accommodate all levels of expertise. Learn about Security Awareness Training.

Get Help:

ProofPoint PhishAlarm

Empower yourself against phishing attacks

How to report a malicious email

Frequently Asked Questions

Get answers to some frequently asked questions about PhishAlarm

FAQs about Proofpoint Phishalarm

Security Awareness Tips

Explanations about different cyber attacks and tips to secure your information.

Tips and Tricks