2022 Information Security

INFORMATION SECURITY

The Information Security Office provides policies, tools and processes to protect the information resources of the University of Arizona, using a shared responsibility model.

Photo courtesy of Rhonda Royse

Successful Internship Program Prepares Students for Jobs

Cybersecurity is a booming hiring area, and UArizona’s College of Applied Science & Technology (CAST) has one of the best programs in this area. However, internship work experience for students in this area can be difficult to find.

The Information Security Office (ISO) has been happy to partner with CAST to provide internships. Students get real-world experience and training in phishing attacks, incident response procedures, security tools, document review and understanding of a decentralized, multi-cloud environment. One of ISO’s first interns now works for the University in the HIPAA Privacy Office. Another is now working in a career position in ISO.

ISO additionally partnered with CAST for an online Women in Cyber Forum in April, to encourage more people to enter the field. Members of the ISO team and former intern Hope Bentley participated as panelists.

“I appreciate the opportunity to work in the SOC as an intern while I was working on my cybersecurity Degree. It was great to apply what I was learning in the SOC. My internship in ISO was critical to my transition from student to professional and will always be grateful for that opportunity.”
– Hope Bentley, HIPAA Security Analyst, Research Compliance Services, former intern

Cyber Readiness Assessed

Just as fire drills prepare people for physical emergencies, the University’s Security Operations Center (SOC) runs mock critical incidents to ensure the University is prepared to respond to cyber emergencies.

This year’s fourth annual mock exercise simulated a ransomware attack. During this exercise, the SOC collaborated with representatives from Governance, Risk & Compliance (GRC); Cloud Technologies, and the University’s Risk Office. The process helps to establish a proactive and coordinated institutional response and ensures incident response processes are current.

The exercise was overseen by Cisco in order to provide an objective assessment of the response. The final report was uniformly positive, from the ease of communications between participants during the exercise to the expertise of incident response best practices exhibited by participants.

Enhancing Security with Identity & Access Management

Identity access management defines how each member of our community is identified, what access is granted to them based on their role (student, faculty, business manager, etc.) and how resources and data are made available and kept secure based on those defined access roles. 

Since 2020, tremendous research has gone into understanding the University’s current business architecture and processes that occur at many levels. Information about how individuals are on-boarded and off-boarded, how identity data is disseminated, current workflows and the number of systems that individuals can access are examples of important information about our current identity access models. For example, data access or privilege might occur at the enterprise level, such as with employment data, or at the department level for local applications and resources. Over 7,000 employees are on-boarded annually at the University with over 1,500 intra-university transfers adding to this total each year. Equally impressive is the approximately 7,800 University employees who are separated each year. This bring a total of over 16,500 annual employee identity changes each year. The culmination of this research brought forth the need for a unified central identity access management platform.

In FY23, the University will be seeking a solution that will provide new benefits and improve our current architecture. Reducing the time to on-board employees will be particularly beneficial, allowing them access to computing resources required to fulfill their job duties sooner. A major security benefit will be unifying practices in off-boarding employees when they terminate employment.

16.5K - Number of Annual Employee Identity Changes per year

Learn more about Information Security at security.arizona.edu

FY22 Metrics

Secure Monitoring

Log Aggregation

166.6TB

Phishing and Spam emails Blocked per Day

2.5M

Risk Management

Percent Units Completed FY22 Plans

90%

Number of FY22 Completed Security Plans

161

Percent Resolved Risks from FY21 to FY22

58.5%

Security Awareness Training

FT Faculty/Staff Participation in Training

95%

Application Developer Training Participation

96%

Services

  • Consulting Services
  • Security Tools & Architecture
  • Monitoring & Incident Response
  • Training