Get Protected: IT Governance, Policy & Information Security

Get Protected

IT Governance, Policy & Information Security

Encryption is key. Encrypting helps fight physical data theft.

Our Mission

Arizona State University's Information Security Office is committed to preserving the availability, confidentiality, and integrity of its information while preserving and nurturing the open information-sharing requirements of its academic culture.

Person icon with a lock next to them.

Services

More Services
An identification card icon

Identity and Access Management

The ASU UTO/GPIS Identity & Access Management (IAM) team is responsible for enterprise policies, compliance standards, and business processes...

Bug icon

Vulnerability Management

The Vulnerability Management team provides expert guidance and consultation on vulnerability prevention and remediation to departments in...

Search icon with a lightning bolt symbol.

Security Review

Each of us at ASU is responsible for the security of ASU’s systems, we are also individually responsible for any...

Triangle icon with an exclamation mark in the center.

Incident Response

Arizona State University takes every security event and incident seriously. Depending on the severity of the issue or situation, a variety...

IT Risk Assessment


The IT Risk Assessment process is a university-wide review conducted yearly within a 3-year cycle. This university review is aligned to the National...

Antimalware Software


The Information Security Office recommends the following Antimalware solutions. All antivirus solutions should be properly configured to...

CMDB Management


The configuration management database, CMDB, is an organizational tool for ASU web applications. Providing information on regulation...

Identity and Access Management


The ASU UTO/GPIS Identity & Access Management (IAM) team is responsible for enterprise policies, compliance standards, and business processes...

News

More News
Two students working together on a computer.

How a Policy and Security Office Is Reimagining IT Culture

June 25, 2020
...
Two students working together on a computer.

Information Security Team Supports Arizona Coronavirus Response

June 1, 2020

UTO Humble Heroes: Brett Woods + the Information Security Team, Alyssa Goldstein, Robert Kamilli, Kevin Lough, Sean Reichert and TJ Witucky

"I definitely brewed a couple cups of coffee before starting to read the 2000+ emails and heading...

Chronicles of Higher Education Data Breach

May 27, 2020

It is believed the Chronicles of Higher Education user database has been compromised with around 3 million records. A recent report by zdnet stated a high probability of many user credentials from this database will be sold on the dark web...

High Risk attacks following the COVID-19 Pandemic

May 27, 2020

Public Service and Healthcare organizations have been a prime target for cyber attacks in recent years. Within the emergence of COVID-19, these critical organizations have seen a rise of attention from cyber threat actors. Not only is the nature...

Two female students addressing an item on a monitor.

Report Security Event & Questions

Contact the ASU Help Center (Opens in new window) online or call 1-855-ASU-5080

Email the ASU Information Security Office at infosec@asu.edu or submit a ticket via MyASU (Opens in new window)

Anonymous Hotline

Call us at 877-SUN-DEVL or visit us online at the ASU Hotline (Opens in new window)

Policy & Guidelines

More Policies and Guidelines

Data Handling Standard

This standard outlines the responsibilities and controls required for handling all University managed information in any form.

Get the PDF

Academic Affairs Manual (ACD)

To govern the use of ASU computing and communications resources and to manage and secure ASU data and other information assets.

Get the PDF

Information Security Policy

The ASU Information Security Policy establishes guidelines and standards for the preservation of the confidentiality, integrity and...

Get the PDF

Access to University Technology Resources Policy

Arizona State University (ASU) provides centrally managed information technology services and resources to employees, students, and other...

Get the PDF

Data Handling Standard


This standard outlines the responsibilities and controls required for handling all University managed information in any form.

Academic Affairs Manual (ACD)


To govern the use of ASU computing and communications resources and to manage and secure ASU data and other information assets.

Information Security Policy


The ASU Information Security Policy establishes guidelines and standards for the preservation of the confidentiality, integrity and...

Access to University Technology Resources Policy


Arizona State University (ASU) provides centrally managed information technology services and resources to employees, students, and other...

Trainings

More Trainings

ASU Information Security Training

All ASU faculty and staff are required to take information security awareness training within the first month of employment and annually thereafter. This online, self-paced class shows you how to protect ASU data and information systems from harm. The training takes about 40 minutes to complete and includes a presentation and a quiz.

ASU and HIPAA

The Health Insurance Portability and Accountability Act was established August 21, 1996. The four main purposes of HIPAA include- Privacy of health information, security of electronic records, administrative simplification, and insurance portability. The Act provides detailed instructions for handling and protecting a patient's personal health information.

Student Privacy: Family Educational Rights and Privacy Act (FERPA)

FERPA courses are available in the ASU Career Edge for Staff and Canvas for Students. Click the training links below and make sure to select the correct courses that apply to your position.

Developer Training

ASU now offers best practice secure coding guidance for web application developers. This training is required by the AZ Auditor General and was developed by a cross-unit team of IT professionals at ASU.

ASU Information Security Training


All ASU faculty and staff are required to take information security awareness training within the first month of employment and annually thereafter. This online, self-paced class shows you how to protect ASU data and information systems from harm. The training takes about 40 minutes to complete and includes a presentation and a quiz.

ASU and HIPAA


The Health Insurance Portability and Accountability Act was established August 21, 1996. The four main purposes of HIPAA include- Privacy of health information, security of electronic records, administrative simplification, and insurance portability. The Act provides detailed instructions for handling and protecting a patient's personal health information.

Student Privacy: Family Educational Rights and Privacy Act (FERPA)


FERPA courses are available in the ASU Career Edge for Staff and Canvas for Students. Click the training links below and make sure to select the correct courses that apply to your position.

Developer Training


ASU now offers best practice secure coding guidance for web application developers. This training is required by the AZ Auditor General and was developed by a cross-unit team of IT professionals at ASU.