Security and Policy protects the security of the data that crosses the networks and promotes the preservation of personal security and privacy for all people at Purdue University.
- Coordinates identity assignment and role-based access across the University
- Provides consistent campus-wide means of managing and identifying constituents for granting access to University resources and ensuring individual privacy
- Manages the Purdue Career Account service, the Purdue University ID (PUID) program, and the BoilerKey two-factor authentication service
- Provides assistance in integrating new applications and services into the campus identity and access management infrastructure
Information Assurance
- Facilitates the development of University information security policies, standards, guidelines and procedures; and consults on information security compliance with University policy, contractual requirements, and federal, state and local law
- Facilitates the stewardship of University Information Assets including the proper classification, sharing and handling
- Assesses risk to the confidentiality, integrity, and availability of University Information Assets according to privacy, law and regulatory concerns; and in the procurement of new Information Technology software or services
- Develops and facilitates information security awareness programs and tools in collaboration with Data Stewards, IT Security Officers, and other Information Technology stakeholders
- Provides a full suite of activities, including: vulnerability scanning, reporting, and notification; security assessments, reviews, and consultations; incident response and remediation; audit response coordination; second- and third-tier technical support; and support for data center firewalls, security software and campus-wide anti-malware software
- Manages security systems, including endpoint security management, central log collection and archive, SIEM, IPS, policy management for firewalls, vulnerability scanners, web application security scanners, and secure file sharing
