Get Protected: IT Governance, Policy & Information Security

Get Protected

IT Governance, Policy & Information Security

Encryption is key. Encrypting helps fight physical data theft.

Our Mission

Arizona State University's Information Security Office is committed to preserving the availability, confidentiality, and integrity of its information while preserving and nurturing the open information-sharing requirements of its academic culture.

Person icon with a lock next to them.

Services

An identification card icon

The ASU UTO/GPIS Identity & Access Management (IAM) team is responsible for enterprise policies, compliance standards, and business processes...

Bug icon

The Vulnerability Management team provides expert guidance and consultation on vulnerability prevention and remediation to departments in...

Search icon with a lightning bolt symbol.

Each of us at ASU is responsible for the security of ASU’s systems, we are also individually responsible for any technology that we install or use...

Triangle icon with an exclamation mark in the center.

Arizona State University takes every security event and incident seriously. Depending on the severity of the issue or situation, a variety...

IT Risk Assessment


The IT Risk Assessment process is a university-wide review conducted yearly within a 3-year cycle. This university review is aligned to the National...

Antimalware Software


The Information Security Office recommends the following Antimalware solutions. All antivirus solutions should be properly configured to...

CMDB Management


The configuration management database, CMDB, is an organizational tool for ASU web applications. Providing information on regulation...

Identity and Access Management


The ASU UTO/GPIS Identity & Access Management (IAM) team is responsible for enterprise policies, compliance standards, and business processes...

News

April 9, 2021

...

March 23, 2021

Get the Word Out

Newsletter or Website Content

There are plenty of reasons to hate passwords. A recent Ponemon Institute study provides some insights into why many people have developed what has become known as password...

Two female students addressing an item on a monitor.

Report Security Event & Questions

Contact the ASU Help Center (Opens in new window) online or call 1-855-ASU-5080

Email the ASU Information Security Office at infosec@asu.edu or submit a ticket via MyASU (Opens in new window)

Anonymous Hotline

Call us at 877-SUN-DEVL or visit us online at the ASU Hotline (Opens in new window)

Policy & Guidelines

This standard outlines the responsibilities and controls required for handling all University managed information in any form.

To govern the use of ASU computing and communications resources and to manage and secure ASU data and other information assets.

The ASU Information Security Policy establishes guidelines and standards for the preservation of the confidentiality, integrity and...

Arizona State University (ASU) provides centrally managed information technology services and resources to employees, students, and other...

Data Handling Standard


This standard outlines the responsibilities and controls required for handling all University managed information in any form.

Academic Affairs Manual (ACD)


To govern the use of ASU computing and communications resources and to manage and secure ASU data and other information assets.

Information Security Policy


The ASU Information Security Policy establishes guidelines and standards for the preservation of the confidentiality, integrity and...

Access to University Technology Resources Policy


Arizona State University (ASU) provides centrally managed information technology services and resources to employees, students, and other...

Trainings

All ASU faculty and staff are required to take information security awareness training within the first month of employment and annually thereafter. This online, self-paced class shows you how to protect ASU data and information systems from harm. The training takes about 40 minutes to complete and includes a presentation and a quiz.
The Health Insurance Portability and Accountability Act was established August 21, 1996. The four main purposes of HIPAA include- Privacy of health information, security of electronic records, administrative simplification, and insurance portability. The Act provides detailed instructions for handling and protecting a patient's personal health information.
FERPA courses are available in the ASU Career Edge for Staff and Canvas for Students. Click the training links below and make sure to select the correct courses that apply to your position.
ASU now offers best practice secure coding guidance for web application developers. This training is required by the AZ Auditor General and was developed by a cross-unit team of IT professionals at ASU.

ASU Information Security Training


All ASU faculty and staff are required to take information security awareness training within the first month of employment and annually thereafter. This online, self-paced class shows you how to protect ASU data and information systems from harm. The training takes about 40 minutes to complete and includes a presentation and a quiz.

ASU and HIPAA


The Health Insurance Portability and Accountability Act was established August 21, 1996. The four main purposes of HIPAA include- Privacy of health information, security of electronic records, administrative simplification, and insurance portability. The Act provides detailed instructions for handling and protecting a patient's personal health information.

Student Privacy: Family Educational Rights and Privacy Act (FERPA)


FERPA courses are available in the ASU Career Edge for Staff and Canvas for Students. Click the training links below and make sure to select the correct courses that apply to your position.

Developer Training


ASU now offers best practice secure coding guidance for web application developers. This training is required by the AZ Auditor General and was developed by a cross-unit team of IT professionals at ASU.