Security and Privacy

Information Security and Privacy services for your reserch:VPN, Enterprise Firewall, Information Classification, Privacy and Compliance.

Enterprise Firewall

The ITS Firewall Service provides for the design, installation, maintenance, and sparing of LAN security appliances. This service is made available to Penn State departments, colleges, and administrative units.

Information Classification Decision Tool

The Penn State Office of Information Security offers an Information Classification Tool to help users determine the security level of the data in their care and how to protect that information depending on its classification level.

IT Security Services

The Office of Information Security (OIS) establishes, implements, and maintains a University-wide security program.

Policies

Policy AD95: Information Assurance and IT Security

Policy AD95 establishes an institution-wide security program designed to ensure the confidentiality, integrity, and availability of Penn State's information assets while protecting it from unauthorized access, loss, or damage. This policy outlines:

Privacy Services

The University Privacy Office promotes an organizational culture that provides oversight and leadership to Penn State faculty, staff, and students so they may conduct operations and activities with a reasonable expectation of privacy. The University commits to compliance with local and regulatory requirements and university policies, guidelines, and standards.

Secure Enclaves

Secure Enclaves are a key part of Penn State’s overarching security strategy. They help administrative and research areas achieve regulatory and contractural compliance for high-risk data types. Enclaves protect data through a secure computing infrastructure that meets baseline compliance needs and provides integrated security.

Secure Enclaves and ATO

Security Enclaves

Security Consulting and Services

The Office of Information Security's Security Consulting and Services team works strategically with university stakeholders by proactively participating in technology projects, procurements, and research initiatives throughout the University. This includes providing security consulting and guidance for projects and initiatives; risk as

Systems Administration and Security

Researchers often need to run servers, clusters, or groups of desktop and laptop computers as a core part of their research projects. These computational resources should be professionally administered, particularly with respect to IT Security.

Two-Factor Authentication

Penn State’s Two-Factor Authentication (2FA) service provides a second layer of protection to a user’s digital identity (for example, an Access Account), as well adding protection to data, systems, and

Virtual Private Network (VPN)

A Virtual Private Network (VPN) is a secure, encrypted network connection typically used to connect from a third-party Internet Service Provider (ISP) to a Penn State network-restricted service and/or resource.

Service Categories