Events for all Levels and InterestsStay
Jump Start Your Career GrowthStay
Get on the Higher Ed IT MapStay
Uncommon Thinking for the Common Good™Stay
Filter by type
Filter by Publications
Filter by Presentations
Filter by Library Taxonomy
The EDUCAUSE/Internet2 Higher Education Information Security Council (HEISC) works to improve information security, data protection, and privacy programs across the higher education sector through its volunteers and focused partnerships with government, industry and other academic organizations.
New to Your Security Role?
If you are a new CISO or new to the higher education community, we recommend checking out the Toolkit for New CISOs, a resource developed by members of the Higher Education Information Security Council.
Information Security Guide: Effective Practices and Solutions for Higher Education
The Information Security Guide: Effective Practices and Solutions for Higher Education is now available in wiki format. This resource provides practical approaches to preventing, detecting, and responding to security problems in a wide range of higher education environments. This online service is designed with colleges and universities in mind, balancing our need for security with the need for an open, collaborative networking environment. Also, because one of the overarching concerns in college and university information technology (IT) departments is a lack of resources, an effort is made to provide low-cost solutions. The target audiences are those responsible for information security in colleges and universities and information technology staff who implement and manage security measures. Recognizing that many institutions have initiated or are in the process of developing IT security programs and policies, an effort is made throughout this resource to present practices that are useful at each stage of the developmental process.
As a community-driven, community-serving project, it is important for this initiative to incorporate experiences and perspectives from many different institutions. To contribute case studies that have been effective in your institution, please contact firstname.lastname@example.org.
Library Items on this Topic
EDUCAUSE Library Items for Cybersecurity
- Higher Education Information Security Council 2014 Strategic Priorities
January 30, 2014
The Higher Education Information Security Council (HEISC) has identified three areas of focus in 2014, which closely align with the 2014 EDUCAUSE Strategic Directions . This year's stra…
- Information Security
June 14, 2013
This Spotlight focuses on data from the 2012 Core Data Service (CDS) to better understand how higher education institutions approach information security activities. Information provided …
- Enterprise Content-Aware DLP Solution Comparison and Select Vendor Profiles
May 14, 2013
This Gartner report covers content-aware data-loss prevention, which has grown up and is on the verge of becoming a standard part of security architecture. A small set of vendors dominate a major…
- Administration of Data Loss Prevention Services in Higher Education
April 17, 2013
This presentation will examine the challenges, shortcomings, potential solutions, and areas for improvement in deploying and administering a data loss prevention (DLP) tool in a highly distribute…
- Data Custodians, It's 11 p.m.: Do You Know Where Your Confidential Data Is?
March 20, 2013
A session at the Midwest Regional Conference
Many campuses find that the proliferation and continued storage of confidential data on desktop and laptop computers to be one of their top security risks. In combination with policy and awareness …
- Can Big Data Help Universities Tackle Security, BYOD?
July 31, 2012
Universities have some of the most complex IT infrastructures around, and BYOD is a reality they can't escape. Chief Security Officers at universities are increasingly turning to Big Data an…
- Podcast: Larry Conrad on IT Security Then and Now
July 17, 2012
Larry D. Conrad serves as the vice chancellor for information technology and chief information officer at UNC Chapel Hill. He has over 40 years experience in the field of information technolo…
- Cybercrime Threats: How Criminals Bypass Security Measures to Steal Your Sensitive Data and Money and Ruin Your Reputation
May 16, 2012
A session at the Security Professionals Conference 2012
Data breaches and credential/PII theft incidents are becoming more prevalent, and recent red flag rules require heightened data security procedures. Meanwhile, BYOD, social media proliferation, and…
- Protecting the Security of Research Data
November 8, 2011
The effective protection and management of research data has become a hot topic in U.S. higher education. Funding agencies increasingly require data management plans as part of grant submittals…
- Reducing the Cost of PCI Compliance
October 20, 2011
A session at the EDUCAUSE 2011 Annual Conference
Credit card payments are prevalent throughout university campuses and websites. Achieving PCI compliance is aggravated by the scope-related complexities of a typical cyberinfrastructure. This ses…