Conferences & Events
Events for all Levels and InterestsStay
Jump Start Your Career GrowthStay
Get on the Higher Ed IT MapStay
Uncommon Thinking for the Common Good™Stay
Filter by type
- Plans and Guidelines [x]
Filter by Publications
Filter by Library Taxonomy
The EDUCAUSE/Internet2 Higher Education Information Security Council (HEISC) works to improve information security, data protection, and privacy programs across the higher education sector through its volunteers and focused partnerships with government, industry and other academic organizations.
New to Your Security Role?
If you are a new CISO or new to the higher education community, we recommend checking out the Toolkit for New CISOs, a resource developed by members of the Higher Education Information Security Council.
Information Security Guide: Effective Practices and Solutions for Higher Education
The Information Security Guide: Effective Practices and Solutions for Higher Education is now available in wiki format. This resource provides practical approaches to preventing, detecting, and responding to security problems in a wide range of higher education environments. This online service is designed with colleges and universities in mind, balancing our need for security with the need for an open, collaborative networking environment. Also, because one of the overarching concerns in college and university information technology (IT) departments is a lack of resources, an effort is made to provide low-cost solutions. The target audiences are those responsible for information security in colleges and universities and information technology staff who implement and manage security measures. Recognizing that many institutions have initiated or are in the process of developing IT security programs and policies, an effort is made throughout this resource to present practices that are useful at each stage of the developmental process.
As a community-driven, community-serving project, it is important for this initiative to incorporate experiences and perspectives from many different institutions. To contribute case studies that have been effective in your institution, please contact firstname.lastname@example.org.
Library Items on this Topic
EDUCAUSE Library Items for Cybersecurity
- Compliance Matrix Poster for IT & Compliance Professionals
March 17, 2010
This matrix poster developed by Symantec outlines IT Controls for security and privacy concerns related to regulatory compliance in the workplace. Topics addressed in this poster include: Regu…
- Security Task Force 2008–2009 Strategic Plan: Safeguarding Our IT Assets, Protecting Our Community’s Privacy
September 3, 2008
The EDUCAUSE/Internet2 Computer and Network Security Task Force (STF) provides a focal point for the academic community to join together to strengthen the ability of the higher education sector t…
- Information Risk Management Policy Template
March 17, 2008
The purpose of this policy template is to ensure that risks to University information are identified, analyzed, and managed so that they are maintained at acceptable levels. Risks to the confiden…
- IT Security Information - IT Risk Management
January 11, 2008
The CU-Boulder IT Security Office has developed a risk management framework and risk assessment service to meet campus needs in identifying and mitigating IT related risk. The risk management fra…
- Security Task Force Strategic Plan 2006-2007 : Making Progress on Data Protection, Risk Assessment, Incident Response and Business Continuity
June 20, 2007
This 2006-2007 strategic plan is intended to identify a few key priorities for the next year that will guide and direct the activities of the EDUCAUSE/Internet2 Security Task Force. …
- Confidential Data Handling Blueprint
June 11, 2007
The Confidential Data Handling Toolkit provides a consolidation of resources that are anchored to the overarching themes related to information protection secure data handling. …
- Georgia State University System Security Plan
January 1, 2006
This plan is a sanitized version of the Georgia State University System Security Plan. Specific information on technical controls deployed at GSU is omitted. Information about information security …