Information Security Services Offered
Home
Services
About Us
Presentations & Articles
Boards & Committees
Information Security Matters
Contact Us
Focused on higher education, and specializing in helping institutions secure their information resources from accidental or malicious intrusion or damage, we typically tailor each engagement to the specific requirements of our client. Nevertheless, the scope of a project may be guided by an examination of the frequently used services described below and by modification of one or more of them to meet the specific needs of the client.
Security Strategy and Architecture
Within most institutions, there is a natural tension that exists between the very open, communicative, and sharing culture of the academic enterprise and the increasingly stringent legal and institutional requirements to protect information assets from intrusion, damage, and disclosure. Information security architectures that work well for private-sector, profit-oriented corporations are not fully appropriate for higher education. Colleges and universities are coming to realize that information security must be approached as one of the strategic elements of institutional and organizational plans and not just as the simple application of particular technologies to specific areas.
We offer expertise and help oriented to your specific campus requirements in the:
- Assessment of current information security preparedness
- Development of information security strategies and architectures
- Assessment of risk and recommended mitigation approaches
Security Education and Awareness
A successful information security program is as much about people as it is about technology. Although the leadership and support of an information security program is often vested in a just a few people, no such program in our colleges and universities can be completely successful without the cooperation of most of our faculty, staff, and students. Raising consciousness across an institution about the importance of information security can be an extremely daunting endeavor. We provide services oriented toward:
- Executive orientation on the importance of information security
- Development of policy education plans
- Planning an Awareness Campaign
- Organizing information security training for technical staff
<Top of Page>
Security Policies and Best Practices
Information security policies support the strategy of the institution by providing a context for best practice procedures, standards, and guidelines. These policies and practices must also be fully cognizant of regulatory requirements and other institutional obligations. Services are offered in the:
- Assessment of current policies
- Development of policies and best practices
- Upgrade of policies already in place
- Development of policy implementation plans
<Top of Page>
Security Reviews
An information security review provides a detailed focus on specific implementations of systems, procedures, infrastructure, organization or any other aspect of the information security strategy. Security reviews can also be combined in various ways: into larger, more comprehensive efforts of broader scope; into a series of reviews of related systems or technologies; or into longitudinal reviews aimed at measuring progress and the discovery of emerging vulnerabilities. Such reviews can also be optionally combined with information technology audits done in collaboration with internal audit departments. We offer support in all these approaches.