Asset Management
Manage the life cycle of University owned technology assets from purchase through retirement. Ensuring secure destruction of University data residing on University owned assets. Manage surplus computer assets, ensuring secure data destruction when appropriate and managing the reallocation and tracking of computer assets. Pick up of surplus computer assets when requested. The technology surplus service is the official University method for securely disposing/redistribution of used equipment.
Information Security Incident Response
Investigate and respond to Information Security Incidents as outlined in the Campus Information Privacy and Security Policy. Investigate and respond to incident notifications from Minnesota State System Office or other subscribed network monitoring services. Investigate and respond to automated Digital Millennium Copyright Act takedown notifications. Investigate and respond to phishing messages. Investigate and respond to virus and/or malware reports. Investigate and respond to compromised credentials.
Account/Email Compromise
If a customer’s email or StarID account is suspected to be compromised, the IT Solutions Information Security team will investigate and assist in any remediation necessary to resolve the compromise and prevent further compromise.
Asset Recovery
IT Solutions Information Security, working with University Security and potentially local law enforcement, will attempt to locate and recover missing/lost/stolen state technology assets.
Copyright Violation Notice
Upon alleged copyright infringement notification from a copyright holder, or their representative, IT Solutions Information Security will investigate and determine the source of the copyright infringement. Appropriate actions will be taken based on the result of the alleged copyright violation.
Cybersecurity Incident Investigation
At the direction of the President’s Office, Human Resources, Title IX office, University Security, Student Conduct, or the University CIO, IT Solutions Information Security will investigate potential violations of Minnesota State Board Policy 5.22 Acceptable Use of Computers and Technology Resources and/or Board Policy 5.23 Security and Privacy of Information Resources.
Malware/Virus
Upon notification or suspicion that a customer’s system has been infected by malware and/or virus(es), IT Solutions Information Security will work with the IT Solutions Center and/or the customer to remediate such infection.
System Compromise
Upon notification or suspicion that a University owned system has been compromised, IT Solutions Information Security will work with the system owner to identify, remediate and prevent any compromises.
Information Security Risk Management
Evaluate the risk to data for exceptions to polices and/or standards. Determination for IT Solutions Information Security exceptions will be made by the Vice President for IT Solutions / CIO.
Policy/Standard Exception
Evaluate the risk to data for exceptions to policies and/or standards. Determination for IT Solutions Information Security exceptions will be made by the Vice President for IT Solutions / CIO.
Risk Assessment
Informal advice on relevant data security regulations, policies, standards and guidelines (MGDPA, FERPA, HIPAA, PCI, etc). - Information Security risk and governance review of new and existing systems and software.