Security Operations.Security Operations executes operational components of OIS’s information assurance program. We work hands-on to ensure the protection of Penn State's information and systems. Security Operations has two teams: the Enterprise Security Team and the Security Consulting and Services Team.
Enterprise Security keeps Penn State’s enterprise system safe through threat detection, incident response, and vulnerability management.
- Threat detection: network-based threat monitoring and analysis, system event correlation, and log analysis
- Incident response: investigate, contain, and mitigate issues; work with units to respond and help recover from detected issues.
- Vulnerability management: system and application vulnerability detection, technical support, and tracking of mitigation efforts.
The Security Services team works strategically to provide applications and services that can be leveraged by the University community to secure information systems and data. A few of these services include Spirion and Cylance. Security Services also provides risk assessments for existing systems and technology procurements; support for disaster recovery planning; and providing training opportunities. This group also responds to low-level security incidents and general inquiries.
The Consulting and Architecture team works strategically with University stakeholders by proactively participating in technology projects, procurements, and research initiatives throughout the university. This includes providing security consulting and guidance for projects and initiatives. The consulting and architeture team is also responsible for the secure enclave program as well as vetting and issuing Authority To Operate (ATO) for information systems containing level 3 and level 4 data.