The mission of the Office of Information Security (OIS) is to implement and maintain a security program that protects the University’s computing systems, services, network, and data from intentional and unintentional loss, disclosure, alteration, destruction, and unavailability.

Clemson University deals with valuable information and is exposed to numerous threats each day including unauthorized access to Clemson IT systems, data loss or theft, phishing, physical threats such as disaster or destruction of IT resources, and more. To combat these threats, Clemson has a range of technologies, practices, procedures, and policies.

Strategic Goals

  • Safeguard the confidentiality, integrity, and availability of University information assets.
  • Monitor, manage, and mitigate technical threats.
  • Drive the design and implementation of secure information technology systems.
  • Ensure the security policies, procedures, standards, and guidelines align with the needs of the University.
  • Enable a security culture by promoting information security awareness that will protect institutional data and meet compliance obligations.


Governance, Risk, and Compliance

  • Develop IT Security policies, procedures, and standards, that elevate the security posture of the enterprise, while supporting the business, academic, and research initiatives of the University
  • Provide assessments and consultation for business areas governed by regulatory or policy requirements to ensure federal and state laws, industry regulations, and institutional policies are followed
  • Develop and manage a Security Awareness and Education curriculum that provides training opportunities, quality materials, and timely communications that empower all members of the University community with the knowledge and skills needed to protect themselves and the University


Security Technology

  • Implement and maintain security tools that apply appropriate technical controls for end user devices, and IT infrastructure components, based on their roles and access privileges.
  • Ensure security tools are strategically placed within the University environment to defend assets, collect appropriate information, providing monitoring and investigative capabilities of activities on the University network
  • Engage with the University community to ensure security standards are followed for application development and systems use




John Hoyt, Chief Information Security Officer


Steve Higareda, Director of Security Infrastructure & Operations (Deputy CISO)

Daniel Herold, Endpoint Security Engineer

Jeremy Merck, Network Security Engineer

Cody Rathbone, Cloud Security Engineer

Calvin Watts, Manager, Security Operations Center

Dylan Porter, Information Security Analyst

Arsheen Ajmeri, Information Security Analyst


Chris Brown, Director of Information Security Assurance

Patrick McGee, Information Security Services Coordinator


Frank Monteleone, Director of Healthcare Infrastructure Security

Carl West, Senior DHHS Security Analyst

Ben Sparks, DHHS Security Analyst

Kevin Allmond, IT Manager for Medicaid Information Technology Services

Greg Barnette, Desktop Systems and Software Support Analyst

Tom Ross, Server Administration and Information Analyst



For more information, contact Office of Information Security.