Information Security Services

Annual IT Security Assessment: ITS started the practice of having Annual IT Security Assessment by an external auditor and include external scans, internal scans, policy review, and social engineering are included in the assessment.

Electronic Data Preservation: Initiate and manage the preservation of electronic data upon the request of general counsel or as the result of a subpoena.

IT Liaison on Security Requests: The security group is the first to respond on any IT security breach and works closely with Baylor DPS or aid the Office of General Counsel when appropriate.

IT Policies: Advises during the review and creation of IT policies which is beneficial since the enforcement of IT policies also falls to the security group.

Legislative reviews: The Texas privacy legislation enacted in 2006 mandates the notification of individuals in the case where their unencrypted confidential information may have been breached. General Counsel and the security group coordinate to provide these notifications when necessary.

Patch Management Group: The Patch Management Group is responsible for the evaluation, assessment of campus security risk, and deployment approvals for software patches to campus and the server room.

Scanning: A proactive security posture includes the active scanning of an institutions systems and applications for vulnerabilities.

Security Awareness Presentations: Provide awareness presentations as well as online CBT training through the Office of Professional Development.

Security Policies: Investigates, evaluates and approves policy

Security Reviews: Mirroring the issues raised with contracts, purchasing or development of new technology systems has been exposed as an area where information security is key. Although this security review is not a standard process there is a move to make it so.

Threat notification to IT personal: Monitors and notifies IT personal on new threats and vulnerabilities.

Whole Disk encryption: Identify and install on critical devices to protect confidential information. This approach was supported by the recently enacted Texas Privacy Legislation that mandated disclosure upon loss of confidential information.

Updated February 24, 2014