The Information Security Office (ISO) orchestrates efforts and provides services to protect the information assets that are important to Stanford.
In this modern age of data centricity and pervasive computing, information privacy and security are increasingly essential, yet increasingly elusive. What has become one of the greatest challenges of our time, information security is multifaceted and spans all elements of the Stanford enterprise. As such, ISO collaborates with partners throughout the university and supports more than 50 distinct services in order to maintain Stanford's comprehensive and leading cybersecurity program.
Pursuant to ISO's mission "to protect the information assets important to Stanford", information security is largely an exercise in risk management. Accordingly, ISO is deeply involved in the university's Enterprise Risk Management (ERM) effort, ensuring that Stanford’s top cybersecurity risks are identified and that mitigation plans are in place.
The Information Security Office dual reports into UIT and the Office of the Chief Risk Officer (OCRO). This structure enables ISO to work closely with IT while maintaining a strong connection with Privacy, Internal Audit, Enterprise Risk Management, Risk Management (insurance), and Ethics and Compliance.
The Consulting team provides outward facing services including security assessments and reviews, incident response coordination, policy and procedure development, internal and forensic investigations, awareness and training, penetration testing, simulated phishing, cybersecurity risk governance, and regulatory compliance. Consulting also serves as the Business Owner for many cybersecurity services operated by other UIT teams, including authentication, centralized logging, email security, data loss prevention, firewalls, mobile device management, and VPN.
Consulting is now taking a greater role in supporting the university's payment card industry (PCI) regulatory compliance obligations.
The SecOps team deploys security technologies and operates critical security systems including configuration management, intrusion detection and analysis, vulnerability scanning and reporting, password cracking, application allow listing for servers, file integrity monitoring for servers, engineering and infrastructure for ISO services, and threat intelligence.
Along with privileged access workstation (PAW) development, patching and anti-malware for endpoints have been transitioned to the new Endpoint Engineering and Design team under the End User Experience group in Client Experience & Solutions.
The Special Programs team supports the university’s payment card industry (PCI) compliance obligations by providing consultation, security reviews, and completing the yearly compliance attestation requirement.
Along with the PCI compliance, Special Programs leads the university’s File Storage Security program by monitoring, alerting, and remediating the exposure of sensitive information.
The Cloud Security team leads the university's efforts to safeguard its cloud-based assets (IaaS, Paas, and SaaS). The team focuses on establishing a pragmatic cloud security strategy that centers on addressing current and emerging cybersecurity threats that can disrupt or harm our efforts to securely use the public cloud.
School of Medicine IRT Security
Dual reporting into ISO and Stanford Health Care's Technology & Digital Solutions (TDS), the School of Medicine's security team provides specialized tools for SoM (e.g., AMIE and SUSI), firewall rule management, network anomaly monitoring, encrypted flash drives, annual onboarding for high risk communities (hospital residents and Med School trainees), and coordination for security activities with Stanford Medicine (SoM, SHC, and SCH).