Security Compliance Consulting
Description: Security consulting for College projects, academic needs, third-party installations, cloud services, operating systems and databases.
Eligibility: Staff and faculty
How to request: ITS Help Request system
Initiated: ITS Help Request; in response to an audit or 3rd party security review; or as part of a project with an approved ITS Project Charter
Availability: Consulting available during normal business hours (8am – 5pm Monday through Friday excluding holidays and campus shutdowns.) Approved automated information security monitoring available 24x7.
Charges: There is no charge for in-house resources. Complex security and compliance requirements may require 3rd party security resources for a fee
Features:
- Consulting to ensure compliance with legal and policy requirements to reduce the risk of security breaches or data integrity issues. These requirements include Wofford security policy requirements, the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standards (PCI-DSS), the Federal Education Rights and Privacy Act (FERPA), and others.
- Consultations arranged at a mutually agreeable time and may involve multiple meetings with project teams and/or data stewards.
- Security architecture review and planning including secure network design, third party software reviews, and vendor access to the campus network
- Works with the Director of Purchasing and Risk Assessment to ensure appropriate cyber-insurance and risk management.
Owner: Matt Fisher
Pre-requisites:
- Adequate power and network environment for security infrastructure
Delivery Channels:
- Complete ITS Help Requests
- Security plans and strategies
- Consulting and Support
Service Targets:
- Annual certification of compliance with the appropriate PCI-DSS level
- Successful response to annual financial audit security questions
- No security breaches requiring a cyber-insurance claim
