What services does the Information Security Office offer?

Incident response

The Information Security Office is responsible for managing any reported IT security incident, whether it is a policy violation, large data breach, or a suspected phishing email. Please see this page on how to report an incident to our team.

 

Enterprise system access

The Information Security Office reviews, approves, and implements employee and system least-privilege access to our core enterprise applications, such as Banner, ApplicationXtender, SMARTi, Cognos, ODS, Workflow, and STARS. All requests must be submitted by the Business Affairs Officer (BAO) of the requesting individual. Access request forms and their requirements can be found on our enterprise access request form portal.

 

Two-factor authentication

 

Two-factor authentication adds a second layer of security to your online accounts. Verifying your identity using a second factor (like your phone or other mobile device) prevents anyone but you from logging in to your account, even if they know your password. Two-Factor authentication is required for access to the VPN, C&IT-managed Linux servers, Employee Self Service, and Banner Admin Pages. Learn more about two-factor authentication at kb.wayne.edu/160520.

 

VPN remote access

 

Wayne State University offers secure VPN remote access to all employees and students. Connecting to the VPN attaches you to the main University network, giving you access to your desktop and any on-campus file shares and servers you have available to you. Learn more about the VPN at kb.wayne.edu/682.

 

Identity management

 

Access to general university computing resources is automatically provisioned and deprovisioned based on a person's active relationship with Wayne State. Identity Management systems automatically translate a person's role into the appropriate access to systems such as email, LDAP, and Active Directory based on approved timelines.

 

Firewalls and secure networking

The Information Security Office maintains and manages the network firewalls and intrusion detection systems that protect campus computers from unauthorized access. Wayne State employees can request a firewall rule exemption utilizing the firewall change request form.

 

SSL certificates

SSL certificates increase security by adding encryption and validity to our public servers. Individual and wildcard certificates are typically available for WSU servers free of charge, subject to the requirements in our SSL Certificate Issuance Policy. To request an SSL certificate, fill out the SSL certificate request form.

 

Vulnerability scans

University computers and servers are regularly scanned for vulnerabilities which may be exploited by hackers to cause disruption or data loss. System administrators receive monthly scan reports detailing open vulnerabilities, and must resolve any issues in a timely manner.

 

Network and server security reviews

Regular security evaluations are performed on existing and new applications, servers, and network segments. This includes evaluation and mitigation of risk, as well as penetration tests and red team exercises.

 

Enterprise system security reviews

Review, analysis, and Implementation of application-level security is performed for each new release of enterprise systems such as Banner.