Get Protected: IT Governance, Policy & Information Security

Get Protected

IT Governance, Policy & Information Security

Encryption is key. Encrypting helps fight physical data theft.

Our Mission

Arizona State University's Information Security Office is committed to preserving the availability, confidentiality, and integrity of its information while preserving and nurturing the open information-sharing requirements of its academic culture.

Person icon with a lock next to them.

Services

An identification card icon

The ASU UTO/GPIS Identity & Access Management (IAM) team is responsible for enterprise policies, compliance standards, and business processes...

Bug icon

The Vulnerability Management team provides expert guidance and consultation on vulnerability prevention and remediation to departments in...

Search icon with a lightning bolt symbol.

Each of us at ASU is responsible for the security of ASU’s systems, we are also individually responsible for any...

Triangle icon with an exclamation mark in the center.

Arizona State University takes every security event and incident seriously. Depending on the severity of the issue or situation, a variety...

IT Risk Assessment


The IT Risk Assessment process is a university-wide review conducted yearly within a 3-year cycle. This university review is aligned to the National...

Antimalware Software


The Information Security Office recommends the following Antimalware solutions. All antivirus solutions should be properly configured to...

CMDB Management


The configuration management database, CMDB, is an organizational tool for ASU web applications. Providing information on regulation...

Identity and Access Management


The ASU UTO/GPIS Identity & Access Management (IAM) team is responsible for enterprise policies, compliance standards, and business processes...

News

Two students working together on a computer.
June 1, 2020

UTO Humble Heroes: Brett Woods + the Information Security Team, Alyssa Goldstein, Robert Kamilli, Kevin Lough, Sean Reichert and TJ Witucky

"I definitely brewed a couple cups of coffee before starting to read the 2000+ emails and heading...

May 27, 2020

It is believed the Chronicles of Higher Education user database has been compromised with around 3 million records. A recent report by zdnet stated a high probability of many user credentials from this database will be sold on the dark web...

May 27, 2020

Public Service and Healthcare organizations have been a prime target for cyber attacks in recent years. Within the emergence of COVID-19, these critical organizations have seen a rise of attention from cyber threat actors. Not only is the nature...

Two female students addressing an item on a monitor.

Report Security Event & Questions

Contact the ASU Help Center (Opens in new window) online or call 1-855-ASU-5080

Email the ASU Information Security Office at infosec@asu.edu or submit a ticket via MyASU (Opens in new window)

Anonymous Hotline

Call us at 877-SUN-DEVL or visit us online at the ASU Hotline (Opens in new window)

Policy & Guidelines

This standard outlines the responsibilities and controls required for handling all University managed information in any form.

To govern the use of ASU computing and communications resources and to manage and secure ASU data and other information assets.

The ASU Information Security Policy establishes guidelines and standards for the preservation of the confidentiality, integrity and...

Arizona State University (ASU) provides centrally managed information technology services and resources to employees, students, and other...

Data Handling Standard


This standard outlines the responsibilities and controls required for handling all University managed information in any form.

Academic Affairs Manual (ACD)


To govern the use of ASU computing and communications resources and to manage and secure ASU data and other information assets.

Information Security Policy


The ASU Information Security Policy establishes guidelines and standards for the preservation of the confidentiality, integrity and...

Access to University Technology Resources Policy


Arizona State University (ASU) provides centrally managed information technology services and resources to employees, students, and other...

Trainings

All ASU faculty and staff are required to take information security awareness training within the first month of employment and annually thereafter. This online, self-paced class shows you how to protect ASU data and information systems from harm. The training takes about 40 minutes to complete and includes a presentation and a quiz.
The Health Insurance Portability and Accountability Act was established August 21, 1996. The four main purposes of HIPAA include- Privacy of health information, security of electronic records, administrative simplification, and insurance portability. The Act provides detailed instructions for handling and protecting a patient's personal health information.
HIPAA and FERPA courses are available in the ASU Career Edge for Staff and Canvas for Students. Click the training links below and make sure to select the correct courses that apply to your position.
ASU now offers best practice secure coding guidance for web application developers. This training is required by the AZ Auditor General and was developed by a cross-unit team of IT professionals at ASU.

ASU Information Security Training


All ASU faculty and staff are required to take information security awareness training within the first month of employment and annually thereafter. This online, self-paced class shows you how to protect ASU data and information systems from harm. The training takes about 40 minutes to complete and includes a presentation and a quiz.

ASU and HIPAA


The Health Insurance Portability and Accountability Act was established August 21, 1996. The four main purposes of HIPAA include- Privacy of health information, security of electronic records, administrative simplification, and insurance portability. The Act provides detailed instructions for handling and protecting a patient's personal health information.

ASU and FERPA


HIPAA and FERPA courses are available in the ASU Career Edge for Staff and Canvas for Students. Click the training links below and make sure to select the correct courses that apply to your position.

Developer Training


ASU now offers best practice secure coding guidance for web application developers. This training is required by the AZ Auditor General and was developed by a cross-unit team of IT professionals at ASU.