Overview
Information Security Services support the Information Security Plan which is developed collaboratively through the Office of Information Security governance bodies.
Offerings
- Incident Management & Response - Provides coordination and reporting responsibility for information security incidents that represent a material risk to the University as well as support to Schools and Centers upon request for general security incident response practices
- Security Consultations - Supports common information security needs including vendor risk management and Splunk analysis
- Training & Awareness - Offers formal and informal training and awareness events, programs, courses and materials on information security
- Vulnerability Scanning - Relies on industry-standard tools to examine computing devices for known vulnerabilities and weaknesses
Benefits
- Support of due diligence and best practices
- Compliance with legal and regulatory standards
- Identification of potential security issues for preventative remediation
- Support of technical and application development efforts involving computer data security and integrity issues
Who Can Benefit from This Service
University faculty, staff, students, affiliates, guests, and UPHS
Additional Information and Resources
- Office of Information Security
- IT Security Policy
- Computer Security Incident Handling
- Port Trace Tool (access from Penn IP space using Pennkey and password)
- Collection of Firewall Block-Related Resources (access from Penn IP space using Pennkey and password)
- Reporting Concerns to Penn Office of Information Security
- Chain of Custody Form
- Office of Audit, Compliance, and Privacy
- Office of the General Counsel