This committee will foster a consistent focus on security within the UT IT community, with baselines and quantifiable metrics that align with campus security policy. It will facilitate and focus a consistent approach to IT security management in the CSUs while safeguarding the core missions of the University of Texas at Austin.
Straightforward and actionable best-practice frameworks will be a cornerstone of these efforts, with phased objectives building on each other to improve UT's response to security challenges. Timelines will be established to meet objectives, with tools, training, and other support provided to meet the standards needed to secure the data and devices of the campus.
This committee will describe roles and responsibilities of the CSUs, ISO and ITS to establish clear and complementary expectations and procedures to facilitate communication and cooperation to meet the needs of faculty, staff, and students. Coordinated campus responses to threats using rapid, orchestrated, deployment of fortifications or remediations is the ultimate objective of this committee.
Committee responsibilities include:
- Define and promote best security practices to ensure 100% active management of the entire IT ecosystem with well prioritized, phased, and time-bound objectives.
- Develop actionable plans to meet policy requirements
- Create solutions to facilitate propagation
- Baselines will guide proactive patching and necessary remediation efforts
- Preliminary efforts will emphasize the fortification of endpoints around five key components
- Endpoint Management Consoles (e.g. SCCM and JAMF)
- Device encryption
- General Networks deployment
- Least privileged access
- Telemetry agent deployment (e.g. Nessus)
- Aggressive gap analysis with corresponding remediation will be an ongoing focus of the committee
- Milestones will be established for compliance via various reports to help direct efforts
- Data protection (both access controls and backup reliability)
- Application development and software stewardship will be addressed as needed
- Endpoint security standards will be communicated and deployed
- Collaborative efforts will be essential to success
- Frameworks for verification reporting and accountability will be established
- Roadmaps will be developed and shared consistently
- After action reports will be created and shared for process improvement and accountability
- Security initiatives within CSUs and across the campus will be promoted
- Close coordination and partnerships will be kept with key related groups (governance, new technical groups, etc) to ensure that efforts are effective and synergistic
- The Endpoint Management and Networking committees in ITLC will be key partners
- The committee will partner with the CISO to enhance compliance toolsets, protocols, and reporting
|Director of IT and Facilities
|Dir Org Effectiveness
|Comp Svcs - McCombs
|Associate Director of Technology Resources
|Assistant Dean for Technology
|Asst VP for ITS
|CIO/ITS COO Ofc.
|Deputy Chief Information Security Officer
|Director of Technology Resources
|Chief Audit Executive
|Director of Strategic Initiatives
|CIO/ITS COO Ofc.
|Director, Computer Support
|Director of Networking and Telecommunications and Office of Telecommunication Services
|Assistant Director of Operations
|Senior Enterprise Engineer - Windows
|Senior Systems Administrator
|Senior Information Technology Manager
|Systems Administrator I
The Security Committee meets monthly, but given the dynamic nature of information security, the chair may seek out feedback from the group more frequently via electronic communications or impromptu meetings.