Information Security Services
Information Security provides a variety of security services to protect the university's information technology resources.
These information security services include:
Risk management activities include the identification and management of information security risks to achieve university objectives. These efforts are to reduce the university's exposure to IT security risks through the identification of major security threats and vulnerabilities. These processes address information security risks in an efficient manner in order to minimize the potential impact of security events.
Policy Management & Compliance
Policy management is to establish and develop information security policies that support university goals and objectives. This includes development of information security policies, standards and procedures which are easy to understand and enforceable. Compliance management reports on the effectiveness and efficiency of information security controls and compliance with information security policies.
Information Security Management
Information security management is to ensure the development and delivery of the activities that can influence the information security culture at the university. These activities include information security education, training and awareness. Such activities are necessary to the successful implementation of any information security program. Current efforts in this include an ongoing Web based program on security awareness.
Response management is the development and management of a capability to respond to and recover from disruptive and destructive information security events. Efforts include the development and implementation of processes for detecting, identifying and analyzing security related events, including forensics analysis when necessary.
Security operations consist of the management of firewalls, intrusion detection and prevention systems, vulnerability scanning and other security services. This also includes the physical access management to Information Technology Services (ITS) managed spaces.