We are strongly committed to sustaining high standards in the protection of data assets and information technology resources that support the University’s academic, enterprise, and research operations and objectives.  Below are services the ITS Information Security Office currently offers to help the university reach and exceed these objectives.

Compliance Assistance
The ISO can assist in ensuring compliance with a number of different statutory and industry compliance frameworks including PCI and HIPAA.

Consulting Services 
As the needed for enhanced security increases every day, the ISO offers consulting on a wide-range of services from threat intelligence and vulnerability management to assistance with department-wide risk assessments. The ISO also collaborated with the Office of General Counsel to provide information security support in the event of litigation.

Incident Response
Staff is available to assist with the required steps in the event of a breach or security event to ensure both statutory requirements are met and threats are eliminated.

Training and Awareness
The ISO can assist in training and awareness programs for both large and small departments, divisions and colleges. Topics range from securing your devices at home, to MFA, phishing and everything in between.

Penetration Testing & Vulnerability Scanning
In an effort to help ensure security of networks, environments or web applications, the ISO has staff available to assist in penetration testing.  Projects can range from the testing of a single website to an entire environment.  Additionally, ITS ISO can provide the results of vulnerability scanning to provide awareness of missing patches, unsupported operating systems and misconfigured systems.

Risk Assessment
To assist in both departmental and campus-wide security, risk assessments can be provided for applications (on premises and off), hardware, and services. Assessments are provided in easy to understand format with suggestions for greater security.