The Department of Information Security reports to the Director of the Office of Information Systems. Information Security audits and analyses information applications, data elements and information flow processes throughout the campus. We also recommend and develop policies, procedures and/or guidelines for Information Governance and security access protocols. We are tasked with developing and distributing educational information pertaining to best practices prescribed by the State of Arkansas, Arkansas Department of Higher Education, and industry standards for maintaining information security. We also strive to stay up to date on alerts, trends and new protocols on hacking, phishing and cyber-attack methods targeting educational institutions.
The mission of the Arkansas Tech Information Security Office (ISO) is to exemplify a consistent pattern of excellence and professionalism in securing information technology solutions and services by building a university culture and practice of collaborative information security awareness in support of the University in its mission by empowering all members of the community to achieve their goals of educational success and excellence with secured data access.
It is our objective to:
- Mitigate security risk through outreach, awareness, assessment, policy, and best practices
- Participate in the monitoring of networks and systems to protect against and detect malicious activity and ensure regulatory compliance
- Manage Secured Data Systems Access through a collaborative effort with System Data Owners
- Respond to security breaches to contain the incident and improve procedures.
- Continuously monitor and review security policies, practices and communication to mitigate risks
- Ready to respond to any security breaches with the intent of identification, containment and review to improve procedures and practices.
Areas of responsibility:
Information Security Awareness & Education
- Information Security Best Practices
- Phishing and Cyber Alerts
- Information Governance Guidelines
Secured Data Systems Access Control
- Job Position (POSN) Controlled Access
- Access eXception Requests
- Access Termination
Monitoring of Secured Data Systems
- Access & Usage Monitoring
- Breach Notification
- Breach Containment
- Incident Reporting
Alertus System (Emergency Notifications)
- Configure Alertus Devices (Associate beacons to Alertus Notification Groups)
- Configure Alertus Clients (Associate employee computers to Alertus Notification Groups)