The Information Security Office (InfoSec) plays a vital role in promoting best practices and ensuring the security of information resources. InfoSec achieves this by not only providing security awareness programs and online resources but also by conducting targeted workshops and publishing comprehensive policies, standards and guidelines. In addition to enforcing security elements across various domains such as application, infrastructure, data architectures and development methodologies, the ISO takes the lead in developing university-wide policies, strategies and standards. Moreover, ISO is actively involved in implementing robust protection, disaster recovery and business continuance procedures to safeguard critical information.
While compliance with GDPR, FERPA, GLBA, PCI DSS, HIPAA and other federal and state requirements primarily falls under the purview of information resource owners, custodians and users, the Information Security Office stands ready to provide invaluable counsel and guidance. By offering their expertise, the ISO assists in ensuring the confidentiality, integrity and availability of information resources. Through collaborative efforts with stakeholders, the InfoSec team remains dedicated to upholding the highest standards of data protection and actively supporting individuals and departments in meeting regulatory obligations.