The mission of the Office of Information Security (OIS) is to implement and maintain a security program that protects the University’s computing systems, services, network, and data from intentional and unintentional loss, disclosure, alteration, destruction, and unavailability.
Clemson University deals with valuable information and is exposed to numerous threats each day including unauthorized access to Clemson IT systems, data loss or theft, phishing, physical threats such as disaster or destruction of IT resources, and more. To combat these threats, Clemson has a range of technologies, practices, procedures, and policies.
- Safeguard the confidentiality, integrity, and availability of University information assets.
- Monitor, manage, and mitigate technical threats.
- Drive the design and implementation of secure information technology systems.
- Ensure the security policies, procedures, standards, and guidelines align with the needs of the University.
- Enable a security culture by promoting information security awareness that will protect institutional data and meet compliance obligations.
Governance, Risk, and Compliance
- Develop IT Security policies, procedures, and standards, that elevate the security posture of the enterprise, while supporting the business, academic, and research initiatives of the University
- Provide assessments and consultation for business areas governed by regulatory or policy requirements to ensure federal and state laws, industry regulations, and institutional policies are followed
- Develop and manage a Security Awareness and Education curriculum that provides training opportunities, quality materials, and timely communications that empower all members of the University community with the knowledge and skills needed to protect themselves and the University
- Implement and maintain security tools that apply appropriate technical controls for end user devices, and IT infrastructure components, based on their roles and access privileges.
- Ensure security tools are strategically placed within the University environment to defend assets, collect appropriate information, providing monitoring and investigative capabilities of activities on the University network
- Engage with the University community to ensure security standards are followed for application development and systems use
John Hoyt, Chief Information Security Officer
Steve Higareda, Director of Security Infrastructure & Operations (Deputy CISO)
Daniel Herold, Endpoint Security Engineer
Jeremy Merck, Network Security Engineer
Cody Rathbone, Cloud Security Engineer
Calvin Watts, Manager, Security Operations Center
Dylan Porter, Information Security Analyst
Arsheen Ajmeri, Information Security Analyst
Chris Brown, Director of Information Security Assurance
Patrick McGee, Information Security Services Coordinator
Frank Monteleone, Director of Healthcare Infrastructure Security
Carl West, Senior DHHS Security Analyst
Ben Sparks, DHHS Security Analyst
Kevin Allmond, IT Manager for Medicaid Information Technology Services
Greg Barnette, Desktop Systems and Software Support Analyst
Tom Ross, Server Administration and Information Analyst
For more information, contact Office of Information Security.