{"id":81053,"date":"2014-06-06T14:12:32","date_gmt":"2014-06-06T18:12:32","guid":{"rendered":"http:\/\/www.bu.edu\/tech\/?page_id=81053"},"modified":"2024-07-25T08:59:41","modified_gmt":"2024-07-25T12:59:41","slug":"information-security","status":"publish","type":"page","link":"https:\/\/www.bu.edu\/tech\/about\/departments\/information-security\/","title":{"rendered":"Information Security"},"content":{"rendered":"
\"Eric

Eric Jacobsen,
Assistant Vice President & CISO<\/p><\/div>\n

BU Information Security is responsible for guiding the University\u2019s effort to protect Sensitive Information and educating the community about cyber security risks.\u202f University operations depend on the effective use of data, powered by reliable and pervasive technology, from laptops and desktops to tablets, smartphones, projectors, printers and the network infrastructure they run on.<\/span> <\/span>The increasingly diverse array of connected devices that generate, share, and store our information presents a large and growing challenge for the University to secure.<\/span><\/p>\n

Guidance for securely handling sensitive information, both in printed and electronic form, can be found on the information security web page<\/a>, including tips and tricks for securing your systems<\/a>, security related news and alerts<\/a> and links to security policies, standards, and guidelines<\/a>.<\/p>\n

Information Security is made up of three main functions:<\/p>\n

 <\/p>\n

Identity & Access Management<\/b><\/strong><\/span><\/h3>\n

Director:<\/strong> Tammy Pruneau<\/h4>\n

\"\"<\/p>\n

Responsible for proper controls to protect University resources by enabling a single digital identity to be used across University systems. The IAM Team provides the reliable ability to authenticate and access network resources and support federation of identities with other institutions. The goal of IAM services is ensuring individuals get access to the resources they need efficiently and effectively<\/span>. In addition the IAM Team is responsible for digital certificate management; application and account security for many central services such as BUworks, Student Systems, OnBase and many others; account and systems security audit functions.<\/p>\n

 <\/p>\n

Information Security<\/b><\/strong><\/span><\/h3>\n

Director:<\/strong> Tom Grundig<\/h4>\n

\"\"<\/p>\n

Architecture, Awareness, Engineering<\/strong><\/p>\n

Provides security consulting, including the review of project proposals and plans, to provide guidance on security requirements to ensure the University is protecting sensitive information; conducts architectural assessments; develops and provides security training for the university; develops new tools and technologies for securing the infrastructure and maintains the existing security infrastructure. Oversees communications, training, and outreach in an effort to keep the community informed and updated on best practices for keep data safe at Boston University.<\/p>\n

Security Operations Center (SOC)<\/strong><\/p>\n

Responsible for detecting and responding to security incidents and cyber-attacks against the University. \u00a0Manages University firewalls; the vulnerability management program;\u00a0provides cybercrime incident response (IRT) investigative functions, including computer, mobile device and network forensics.<\/p>\n

Compliance<\/b><\/strong><\/span><\/h3>\n

Manager:<\/strong> David Corbett<\/h4>\n

\"\"<\/p>\n

Provides guidance to the university on complying with legal, regulatory, and contractual obligations both in daily operations and in research and clinical efforts.\u00a0 The compliance team works with IS&T leadership, academic and administrative units, and researchers to increase university awareness of cybersecurity compliance requirements and enable successful deployment of necessary controls.\u00a0 This team conducts risk and gap assessments, specifying controls, and supporting both internal and external audits and assessments. \u00a0When new compliance requirements arise, this team helps to improve university policies, procedures, and standards.<\/p>\n","protected":false},"excerpt":{"rendered":"

The Information Security team is responsible for the protection of sensitive information at Boston University and helping the University community understand how to secure its computing and electronic resources…<\/p>\n","protected":false},"author":1303,"featured_media":0,"parent":81039,"menu_order":6,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"_links":{"self":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/81053"}],"collection":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/users\/1303"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/comments?post=81053"}],"version-history":[{"count":38,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/81053\/revisions"}],"predecessor-version":[{"id":153374,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/81053\/revisions\/153374"}],"up":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/81039"}],"wp:attachment":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/media?parent=81053"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}