Service Description

Information Security Consulting and Support services are offered to help UTM departments and division safeguard University’s data and meet the requirements of the University’s security policies and other legal and regulatory requirements.

Services provided:

• Security consulting
  • Provide supporting analysis to help users to resolve information technology risks, threats, and vulnerabilities and to implement adequate risk mitigation measures
  • Provide consultation to respond to audit and/or security assessment findings
• Vulnerability and Penetration Testing
  • Scan network systems and servers to discover vulnerabilities
  • Scan web application to discover vulnerabilities
• Incident Response and Investigation
  • Triage security incidents ranging from desktop compromises to system-wide issues
  • Provide coordination and consultation
  • Assist in preservation of data
  • Track current state of incidents
• Compliance and Audit Support
  • Provide guidance on implementing process controls on IT related activities to meet University compliance requirements
  • Support University Audit and External Audit inquiries related to IT controls
• Security manual development and ongoing review of IT policies, standards, and procedures
  • Assist UTM Staffs with understanding and interpreting laws, regulations, University security policies and standards
  • Assist in development of departmental specific policies, standards, and guidelines to meet University IT security policy requirements
• Security training and awareness activities and materials
  • Provide annual program of security training events for UTM fulltime staffs
  • Provide regular IT security tips for UTM staffs and students
• Enterprise security software and tools to use:
  • Server Vulnerability scanning
  • Web Application vulnerability scanning