The information security landscape in higher ed is a mess — and it keeps getting worse. Combining constant stakeholder demands for new cloud services and mobile access with the ongoing need to maintain a secure on-campus data center, keeping your school’s administrative and academic systems and data secure is a constant battle. Even institutions fortunate enough to have a dedicated information security officer (ISO or CISO) are in a real crunch.
How well prepared is your organization to address this landscape? The consumerization of IT places new and powerful technologies directly into the hands of your users — often without the need for any involvement from central IT. Are your systems — people, processes and technology — up to the task?
The FireOak Strategies Information Security Maturity Assessment (ISMA) measures your maturity over six broad categories and provides realistic recommendations to take your program to the next level.
What about PCI? Accepting credit cards is a necessary part of doing business in higher education, but the indirect costs can be enormous. Who is responsible for the security and reporting headaches associated with accepting credit card payments? Do you know which parts of your data network are considered to be part of the “Cardholder Data Environment?” Do you know all of the players — merchant banks, payment gateways, payment processors — that are part of your system? Do you know which parts of the flow are your organization’s responsibility to secure?
The FireOak Strategies PCI Scope Assessment is designed to help organizations get a clear picture of their credit card environment and includes realistic recommendations on ways to simplify — or even eliminate — your institution’s requirements to perform quarterly vulnerability scans, submit complicated self-assessment questionnaires, and pay for costly third-party security audits.
The combination of an Information Security Maturity Assessment (ISMA) with a PCI Scope Assessment provides you with a neutral, sales-pitch-free look at the complete health of your entire cybersecurity environment. The two assessments offer realistic and straight-forward remediation advice and lets your team get back to their real focus — supporting students, faculty, and administrators.
We know higher ed, and we know information security. Our team has decades of experience in organizing and securing information within the education sector.