Security Consulting and Compliance
General Security Consulting
The IT Security Office provides recommendations for security controls implementation for computing devices. Consult on new or existing projects/issues/equipment to provide best-practice recommendations for security architecture and implementation of specific security controls.
If you have questions or need assistance on items not listed below, please call the IT Security Office (5-6332) or email: email@example.com
Technical analysis and assistance to ensure compliance with security standards for handling credit cards on all campus systems.
A general guide to resources, policy information and descriptions encompassing the overall (enterprise) information security environment at The University of Iowa.
Individual units are expected to develop plans which are scoped to the specific environment requiring the completion of a System Security Plan (SSP), as a requirement of the Federal Information Security Management Act (FISMA) of 2002.
Information resources for Faculty and Staff (both clinical and non-clinical) on how to safe guard health information they work with.
Active evaluation of a resource's security using a combination of automated tools and manual methods to breach the security of the system.
Second Level support for Identity Finder software which scans computers to locate files that contain sensitive data such as SSNs, credit card numbers, and passwords.
Security Reviews and Assessments
The IT Security Office performs evaluations of computer systems, and provide recommendations to improve security or reach compliance with regulations.
If you have questions, need assistance or a consultation please call the IT Security Office (5-6332) or email: firstname.lastname@example.org
Frequently visited resources
Defense in Depth Security Strategy: http://itsecurity.uiowa.edu/resources/Defense-in-Depth
Information Technology Policy Repository: http://itsecurity.uiowa.edu/policy
University of Iowa Operations Manual: http://opsmanual.uiowa.edu/
Family Education Rights and Privacy Act (FERPA) http://registrar.uiowa.edu/ferpa/
Health Insurance Portability & Accountability Act (HIPAA) http://itsecurity.uiowa.edu/hipaa
Gramm Leach Bliley Act (GLBA)http://counsel.cua.edu//fedlaw/glb.cfm
Payment Card Industry Data Security Standards (PCI-DSS) https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml
UI Policy on Credit Cards http://treasury.fo.uiowa.edu/policies-and-procedures/credit-card-acceptance-security-guidelines
Federal Information Security Management Act (FISMA) http://csrc.nist.gov/groups/SMA/fisma/overview.html
Iowa Personal Information Security Breach Notification (Iowa Code, Title XVI, Chapter 715C)