Vision
Effective
information security in the context of real-world problems will only be
achieved through a user-centric approach that integrates appropriate technical
and administrative controls with functional user awareness and training.
Mission
The mission
of IT Security and Compliance is to safeguard the confidentiality, integrity,
and availability of university information systems by providing proactive
security expertise, creating and maintaining a robust security architecture and
fostering a culture of security awareness throughout the university.
The
IT Security and Compliance Team works towards these goals by providing the
following services:
- Baselines and configuration standards that are based on
industry best practices, grounded in university policy, and customized to
meet the needs of the university’s unique Information Technology
environment
- Incident handling and response services, including
forensic evaluation of systems that have been compromised and systems that
have been recovered after being lost or stolen
- Security assessments, including firewall penetration
requests and monthly scans of computing systems to assess patching,
configuration and overall security
- Monitoring and analysis of network traffic for
anomalous behavior, including detection of compromised systems and
leakage/loss of sensitive and regulated data
- Providing guidance and education for LAN Admins, system
administrators and developers on securing their applications and computing
resources
Useful
Links:
Compromised Accounts
Current university Phishing Advisories
How to determine if an email is a phishing attack
How to report a lost or stolen device (e.g.,
laptops, iPads and data storage devices)
Firewall Penetration Requests
CU System Policies and Procedures
University Policies