Information Security Office
We are committed to establishing high standards in the protection of data assets and information technology resources that support the University’s mission. Below are services the Information Security Office currently offers to help the university reach these objectives.
Compliance Assistance: The ISO can assist in ensuring compliance with a number of different statutory and industry compliance frameworks including PCI and HIPAA.
Consulting Services: As the needed for enhanced security increases every day, the ISO offers consulting on a wide-range of services from threat intelligence and vulnerability management to assistance with department-wide risk assessments. The ISO also collaborated with the Office of General Counsel to provide information security support in the event of litigation.
Incident Response: Staff are available to assist with the required investigation and mitigation steps in the event of a breach or security event to ensure both statutory requirements are met and threats are eliminated.
Training and Awareness: The ISO can assist in training and awareness programs for both large and small departments, divisions and colleges. Topics range from securing your devices at home, to MFA, phishing and everything in between.
Penetration Testing & Vulnerability Scanning: In an effort to help ensure security of networks, environments or web applications, the ISO has staff available to assist in penetration testing. Projects can range from the testing of a single website to an entire environment. Additionally, ITS ISO can provide the results of vulnerability scanning to provide awareness of missing patches, unsupported operating systems and misconfigured systems.
Risk Assessment: To assist in both departmental and campus-wide cybersecurity, risk assessments can be provided for applications (on premises and off), hardware, and services. Assessments are provided in easy to understand format with suggestions for greater security.