Being RESPECTFUL of our information
INSERT: Compliance Language
- Develop and document systems and practices to protect our data including Governance, Risk Management, Cyber Security, Identity and Access.
Implement standards as adopted and developed by the CCC Security Center:
- IITS has adopted the CCC’s Information Security Standard.
- Information security policies, regulations, and business processes will be adopted, derived and aligned with the CCC’s Information Security Standard.
Utilize the tools and services offered by the CCC Security Center:
- Splunk – correlates real-time data for threat analysis.
- Tenable Security Center – provides real-time vulnerability scanning.
- Spirion – provides data loss prevention (scans for SSN, credit card numbers, etc.).
- Vulnerability Assessments.
- Security Awareness Training.
- Phishing Assessments.
- CIS 20 CSC Assessments.
Request funds, purchase and implement various industry recognized tools and services designed to support the policies and standards adopted above:
- Microsoft SCCM – expands the use of applicable security-related features.
- Microsoft Outlook – currently provides data loss prevention for email.
- Jamf – automates patches, upgrades, audits security events, etc. for Apple computers.
- PortalGuard – allows 2-factor authentication, single sign-on, and self-service password resets.
- Research and implement a next generation antivirus solution.
- Research the value of a network monitoring service to detect high level attacks.
- Research the value of endpoint snapshot tools for instant recovery.
- GreyHeller Application Firewall – provides various security layers for PeopleSoft data.