Help Desk: (814)865-HELP

Welcome to Consulting and Architecture!

Your starting point for information security

The Consulting & Architecture group promotes, designs, and develops secure architecture across Penn State. Our key initiatives include secure enclaves, Authority to Operate, and guideline development. We’re always happy to provide answers and guidance for general security consulting questions. If you have a cybersecurity question and aren’t sure where to start; start with us!

Focused on you

Cybersecurity is a partnership. As a customer-focused group, we work closely with units, colleges, and campuses to promote cybersecurity holistically and collaboratively–not just as an afterthought or lone project. Our projects vary in scope from large enterprise-wide initiatives to localized college research projects and administrative needs.

If you have any question, concern, or need, please don’t hesitate to reach out to us. We would love the opportunity to partner with you to strengthen cybersecurity across Penn State.

Get us involved

Consulting and architecture offers consulting for a wide array of cybersecurity projects, services, and initiatives. Don’t see what you need here? Email; we might be able to help!

Security Consulting

Have a question? Need some input? Our team is here to help you with your project, big or small. We have the right expertise to guide you through any challenge.

Secure Enclaves

Secure enclaves help to ensure that Penn State’s most valuable information remains secure. Learn more about secure enclaves here.

Authority to Operate

All information systems processing or storing level 3 or level 4 data under University Policy AD95 must have an authority to operate. Learn more about ATOs here.

Office 365 Security

We work to promote secure solutions within Office 365. Allowing level 3 and 4 data in O365 is our current area of research and focus.

Cloud Initiatives

Partnering with the EIT cloud team, we can help you understand and design your system for the cloud.

Requests for Proposal (RPF)

Looking to source new services, hardware, or software? Our team can help you work through the security side of an RFP.

Secure Architecture Design

Need to build a new information system? Want to make sure it’s secure? Our team can give input on how to build a secure system and maintain the integrity of your information.

SME for Projects

Have a local project that involves any technology? Our experienced staff can sit in on project meetings to help you find a secure and compliant solution.

SME for OIS Privacy and Compliance (PCI)

Our team collaborates with the OIS compliance team to provide the technical expertise required to maintain PCI compliance in your area.  




Meet our Team

Kyle Crain

Kyle Crain

Information Security Architect & Team Lead

Kyle’s focus areas: General security consulting, cloud architecture, Office 365 security, PCI-DSS, information classification, Authority to Operate, secure enclave design and build, presentations, enterprise initiatives, requests for purchase (RFP), standards guidance, secure network and system architecture.

Kyle is the team lead for the Consulting and Architecture group. He has worked at Penn state for 10 years and has been involved with the Office of Information Security for eight years. During his time at OIS, he worked on a variety of key initiatives and services as an analyst and engineer before becoming the Information Security Architect. Kyle believes in balancing security with usability to support the goals of the University and that security cannot be a one size fits all approach. He enjoys building relationships with University personnel to understand their needs and help design approaches that are both secure and allow work to continue without introducing unnecessary complexities.

Randy Hegarty

Randy Hegarty

Cyber Information Assurance Analyst

Randy’s focus areas: Enterprise firewall, secure the border initiatives, general security consulting, Office 365 for level 3 and 4 data, requests for proposal (RFP), exemptions and exceptions, change advisory board, incident response, secure information system design, SME for security projects.

Randy has spent the majority of his 20 years at Penn State working in information security. He was part of the first central security team that was formed at Penn State which was the precursor to other iterations of security at the University. Prior to his time at Penn State he was employed by a large defense contractor. He has an extensive background in secure infrastructure, intrusion detection, and system design. Randy’s experience and expertise allows him to apply a wealth of knowledge into helping consult on and design systems that are not only secure but also meet the needs and challenge of complex university environments.

Andy Bowen

Andy Bowen

Cyber Security Systems Engineer

Andy’s focus areas: Infrastructure design and build, Cloud initiatives and infrastructure, cloud enclave design and build, application and system logging with Splunk, data centers, next gen firewall technologies, core networking, general security concerns and initiatives, requests for proposal (RFP), Office 365 for level 3 and 4 data.

Andy is a Cyber Security Systems Engineer with the Consulting & Architecture group within the Office of Information Security. Andy has worked for Penn State for over 5 years and has a deep background in systems administration, infrastructure, and network technologies and designs. Before coming to OIS, Andy worked in Penn State IT on the Windows administration team and also oversaw the management of the central Splunk instance. Andy’s strong background positions him and the Consulting & Architecture group in a unique position to blend security with the operational needs to develop approaches to security that take all aspects of the information system into account.

Working on an ATO or enclave?

Please reach out to use through your existing ATO record in ServiceNow, or email

Have a general question, comment or inquiry?

Please email Let us know what you’re working on; we might be able to help! We look forward to building a partnership with you.

Join the Conversation

Consulting & Architecture has two Yammer groups.

For general discussion: OIS Security Architecture Community of Practice

For updates and announcements: Secure Enclaves/ATO