Stephen F. Austin State University

IT Security

Introduction

The role of IT Security at Stephen F. Austin State University is to ensure the confidentiality, integrity, and availability of university data, information, communications, and services.

To promote secure information technology systems, IT Security also educates users; assesses and identifies new architectural requirements; and consults in the areas of security risk, practice, policy, and technology. IT Security also provides the coordination of security incident investigation and response.

SFA works in cooperation with other state agencies and higher education institutions to secure campus information.

Security Awareness Training

Beginning immediately, the new security awareness training package is available across campus. Employees required to take the training will be notified through the myTraining system. Some employees are automatically required based on their access to information and role within the university detailed in the attached guidelines documentation. For employees not automatically required to take the training, it is the director's or department head's responsibility to determine if the employee has access to confidential or sensitive information and therefore should participate in the training. ITS developed a mechanism for the directors and department heads to mark other employees as needing the training as well as a proxy function so this process can be delegated. Note, the update will occur in an nightly upload to myTraining meaning employees will have next day access to the training.

Security Awareness Training Guidelines

Employee Security Awareness Training

Student Security Awareness Training

For questions, please contact the IT Security office.

Current Events

Vulnerability Assessment

The DIR has assessed SFA's network security by conducting a Vulnerability Assessment. This assessment will be performed on a quarterly basis throughout the year. The outcome of these engagements will assist SFA in gauging our security posture based on the results that we receive.