Security Review

Fulton Schools of Engineering Customizations:

The Arizona State University (ASU) computing environment is a unified network where all participants secure and maintain its integrity. As part of the ASU and Fulton Schools of Engineering (FSE) community, we share responsibility for technology use within the university network. Departments that acquire software or hardware must fulfill appropriate security controls.

In compliance with ASU’s information security standards, FSE leverages our distributed IT organizational structure to provide the best guidance and recommendations for our community on technology acquisitions.

Engineering Technical Services (ETS) designed a subset of customized security processes to serve FSE and help streamline and navigate security review procedures. It is essential to start the security review process early. Each school’s IT Manager is responsible for generating FSE Security Reviews for new and preexisting technology.

Please contact your IT Manager directly or through ServiceNow to initiate a Security Review.

What types of products require a Security Review?

Hardware acquisitions do NOT require a security review for computer components and peripherals such as processors, network cards, drives, motherboards, mice, etc.

Software acquisitions, free or paid, must undergo a security review for programs, integrations, add-ons, and plugins that meet any criteria listed below.

• Installed on an ASU system
• Has access to ASU systems
• Has access to ASU networks

Additional Information

• Administrative Access
• Privileged Use
• Computer Standards/ Security Exceptions
• GetProtected