Mission
The mission of Information Security Services is to support Boise State, a research university aspiring to be known for the finest undergraduate education in the region with outstanding research and graduate programs, by protecting the university’s information assets.
Ensuring that Boise State’s exceptional students, faculty, and staff have access to all of the information resources they need to fulfill their role(s) at the university is the core value of this mission.
Established Services
Accounts:
The Accounts team is responsible for provisioning current and de-provisioning former employees’ account access. This includes Google Apps for Employees email, network file shares, SharePoint, Reporting Services, and PeopleSoft administrative access, as well as a number of other enterprise applications.
Identity Management:
The Identity Management team is responsible for the University’s identity store including LDAP services, integration of new services with LDAP, Active Directory and federated identities, and the middleware that facilitates student and institutional success.
Incident Response:
The IR team focuses on incident prevention and preparation. This includes participation in the design of systems and the testing and verifying of security measures before a system goes live. Other responsibilities includes analysis and correlation of incidents across the network, and forensic analysis of compromised systems.
IT Compliance:
ISS coordinates regular University security risk assessments, vulnerability assessments, and security testing for compliance or information security status in order to ensure compliance with local, state and federal regulations and industry standards.
PeopleSoft Security Administration:
PeopleSoft Security Administration provides security reviews, designs, and tests of PeopleSoft security plans and procedures, performs security reviews and access audits, recommends security solutions, advises application-level security configurations, and investigates and mitigates security risks as required.
Policy Development:
The Information Security Officer coordinates the development, implementation and maintenance of information security and privacy policies, standards, guidelines, baselines, processes and procedures.
Security Awareness:
ISS promotes workforce awareness of “ethical and compliant” information security practices and effective lines of communication. Provides and/or facilitates information security education and training in regulatory and industry standards for all university employees.
