OIT News and Initiatives

Read Our Latest Articles

  • New Integrated Microsoft 365 Directory

    Apr 15, 2025
    As part of ongoing efforts to improve and strengthen the university’s security posture by proactively addressing out of date technologies, the campus directory website was sunsetted on Thursday, April 10, 2025. For a new directory tool, our IdM modernization and improvement project has updated individual name search functionality within the university's Microsoft 365 suite. This offers a better user experience, more reliable data, and more appropriately meets IT security and compliance Standards. It is immediately available for directory use to university faculty, staff, students and researchers.
    Full story

  • North Classroom Data Center Testing

    Jul 26, 2023
    OIT, in collaboration with the IT Leaders of our schools and colleges, will be simulating a data center outage to test, verify and remediate our planned failover capabilities. Planned failover testing of the North Classroom Data Center is on Sunday, July 30th. This is an estimated 8-hour testing window from 7:00 am to 3:00 pm to evaluate system backup processes and remediate any issues that present. To test these processes, we will be simulating a network outage, but no power or devices will actually be turned off.
    Full story

OIT services in the spotlight: Security and Compliance

Mar 22, 2019

Cyber criminals around the world have discovered new ways to exploit university software and network vulnerabilities. Fortunately, the University of Colorado Denver | Anschutz Medical Campus has the benefit and knowledge of our Security and Compliance team who is on the job overseeing the confidentiality and integrity of our information systems.  

The Security and Compliance team consists of two distinctive groups working diligently to protect the university: Risk and Compliance and Security Operations. The business of keeping the university “safe” is no small task and is led by director Sean Clark, an information technology veteran with more than 20 years of experience at CU. “We have a large volume of valuable data, including Personally Identifiable Information (PII), financial information, intellectual property and electronic Protected Health Information (PHI). Breaches are on the rise in higher education – we work to help reduce the likelihood of a breach and to minimize the impact when (not if!) such a breach occurs” explained Clark

The Risk and Compliance team focuses on the compliance and risk management side of the equation including HIPAA (healthcare data), PCI (credit cards) and FERPA (student data) and are responsible for:

  • Performing campus level risk analyses and managing security and compliance awareness programs for both campuses
  • Creating strategies and implementing plans to document campus compliance to various regulations
  • Providing guidelines and best practices to document school and department compliance efforts
  • Reviewing applications and cloud services to determine if the vendor or software application meets the universities needs for security and compliance
  • Security processing including data access requests and timely termination of employee access when an employee leaves the university

Security Operations focuses on the technical controls and processes to detect and remediate threats to both campuses including managing:

  • Network security systems which involves the Intrusion Prevention Systems (IPS) and firewalls, and also consists of

- searching for malicious traffic and compromised systems and remediating any problems

- helping ensure the university has strong logging, monitoring, alerting and Security Information Event Management (SIEM) in place

- coordinating internal data sources so that they can effectively and efficiently respond to threats and compromises

  • Endpoint security (antivirus solutions) and vulnerability management (evaluating servers and other network devices to ensure that they are up-to-date on patches and appropriately configured)
  • Encryption server and password management systems

Together, the Security and Compliance team serves as a trusted partner with other campus units to drive university initiatives such as working to ensure security measures for programs and services are maintained and developing a university-wide effort to create a consistent IT purchase review process across all campuses. Leading security efforts that include protecting institutional and personal data for students, faculty, staff on two large campuses as well as working with our healthcare partners to protect patient information could keep a person up at night. So, what are the big issues Clark worries about on a restless evening? “Many of the breaches that occur in higher education are combinations of insider and outsider threats, such as an external attacker who sends a targeted spear phishing email and then uses the gathered credentials to gain access to the university network and attack internal servers and IT systems,” Clark adds. Rest assured, his team is hard at work addressing security and compliance issues, both old and new.

Security is a shared responsibility for everyone at the university. To learn more about security and compliance at CU Denver | Anschutz, please visit us at www.ucdenver.edu/securecampus.

This is the fifth article in the series OIT Services in the Spotlight. For an overview of more services offered by OIT, watch the CU Productions video on our YouTube channel or visit our website: oit.ucdenver.edu.

Categories: IT Professionals IT Security OIT - Categories | Tags: culture of safety cyber risk management and cyber warfare cyber security and information assurance cybersecurity data Networks Secure Campus Security Software

Office of Information Technology

CU Denver

Lawrence Street Center

1380 Lawrence Street

13th Floor

Denver, CO 80204

303-724-4357

About OIT
Remote and Hybrid Working
IT Accessibility
Partner Websites
CMS Login