Our offices accomplish this by:
- Establishing, evaluating, updating, and interpreting university-wide information and information technology policies.
- Providing active security analysis, development, education, and guidance related to Indiana University's information asset and information technology environment.
- Advising on appropriate administrative, technical, and physical safeguards commensurate with risk.
- Developing guidelines, best practices, and educational materials pertaining to the use and protection of computing resources and the handling of sensitive institutional data.
- Providing active network monitoring and threat hunting across the infrastructure to identify and mitigate potential cybersecurity threats.
- Providing oversight for the university-level Data Administration program, including the University Data Management Council (UDMC) and the Data Stewards at large, to ensure consistent management of university data.
- Establishing and leading an Incident Response program to respond to incidents of misuse, abuse, or inappropriate use of information or information technology resources.
- Assisting units in determining their cybersecurity risk profile, including in-house development, on premise services, and cloud-based and vendor-provided components.
- Collaborating with security officers; internal and external information sharing and analysis partners; EDUCAUSE privacy, data governance and security groups; and the Big Ten Academic Alliance Security Working Group.
