The mission of the Office of Information Security (OIS) is to implement and maintain a security program that protects the University’s computing systems, services, network, and data from intentional and unintentional loss, disclosure, alteration, destruction, and unavailability.
Clemson University deals with valuable information and is exposed to numerous threats each day including unauthorized access to Clemson IT systems, data loss or theft, phishing, physical threats such as disaster or destruction of IT resources, and more. To combat these threats, Clemson has a range of technologies, practices, procedures, and policies.
- Safeguard the confidentiality, integrity, and availability of University information assets.
- Monitor, manage, and mitigate technical threats.
- Drive the design and implementation of secure information technology systems.
- Ensure the security policies, procedures, standards, and guidelines align with the needs of the University.
- Enable a security culture by promoting information security awareness that will protect institutional data and meet compliance obligations.
Governance, Risk, and Compliance
- Develop IT Security policies, procedures, and standards, that elevate the security posture of the enterprise, while supporting the business, academic, and research initiatives of the University
- Provide assessments and consultation for business areas governed by regulatory or policy requirements to ensure federal and state laws, industry regulations, and institutional policies are followed
- Develop and manage a Security Awareness and Education curriculum that provides training opportunities, quality materials, and timely communications that empower all members of the University community with the knowledge and skills needed to protect themselves and the University
- Implement and maintain security tools that apply appropriate technical controls for end user devices, and IT infrastructure components, based on their roles and access privileges.
- Ensure security tools are strategically placed within the University environment to defend assets, collect appropriate information, providing monitoring and investigative capabilities of activities on the University network
- Engage with the University community to ensure security standards are followed for application development and systems use
- John Hoyt, Interim Chief Information Security Officer, Information Security
- Chris Brown, Director, Security Risk Management & Incident Response
- Jeremy Merck, Information Security Engineer
- Daniel Herold, Endpoint Security Engineer
- Cody Rathbone, Manager, Security Operations Center
- Kathy Riley, Director, Information Security Assurance
- Patrick McGee, Information Security Services Coordinator
- Frank Monteleone, Director of Healthcare Infrastructure Security
For more information, contact Office of Information Security.