The Arizona State University computing environment is a unified network where all participants secure and maintain its integrity. As part of the ASU and Fulton community, you are responsible for any technology that is purchased, installed or used on the ASU network. ASU requires that departments purchasing and implementing software, hardware and technology implement appropriate security controls to safeguard university assets.
As part of the technology procurement process, all technology contracts must include Information Security Language and a Security Review must be completed when the agreement meets at least one of these criteria:
- ASU is purchasing or leasing software, or processing a software renewal
- ASU is leasing or purchasing hardware with embedded software
- An entity is creating any code for ASU
- An entity receives, stores, or analyzes ASU Data
- An entity is hosting, or managing by infrastructure outside of ASU, including in the cloud, ASU Data.
In compliance with ASU’s security standards, Engineering is leveraging the distributed IT organizational structure that we have in place to provide the best guidance and recommendations to the Fulton community on technology purchases. Our team also ensures that all endpoint devices on the network meet ASU security compliance requirements. We have designed a custom internal security review process to serve the Ira A. Fulton Schools of Engineering to help streamline and navigate the security review process during the purchasing phase.
Each school has designated Security Review Liaisons, who are responsible for generating an internal FSE Security Review for all technology purchases. It is important to start the security review process early and engage your IT team. ETS is available for assistance throughout the entirety of the process and to help with reviews that might require ISO Lite or Full Security Review. Any technology that will be integrated with ASU systems, will require a Security Review Full.
The following list is of authorized IT personnel who may submit FSE Security Reviews for their respective units. Please contact them directly or through ServiceNow to initiate a technology purchase or contact Kraig Farkash if you need additional assistance.
Authorized FSE Security Review Liasons